Date: 06 November 2013 Reference no.

Coram: Acting Registrar R Kenna 

Listing: Directions (Common Law Registrar) 

Case Details: Craig Steven Wright v W&K Info Defense Research LLC
2013/00225983 




Appearance(s) 





Listed for hearing on at 10am. Estimate of hearing 


Please indicate the following listing type/s below: 
[ ] Directions (Common Law Registrar) at 9am
[ ] Argument at 9.30am (Defamation List before Defamation Judge)

[ ] Defamation matter - Election for Trial by Jury made by
Registry to issue an invoice for Requisition for Trial by Jury.

[ ] Directions Common Law at 10am (Duty Judge's list.)
[ ] Directions (Possession Judge) at 9.30am.
[ ] Directions Professional Negligence Judge at 9am (1st Friday of each month)
[ ] Status Review at 9am before Common Law Registrar.

[ ] Rule 13.6 letter to be issued. (Notice of listing - No appearance)

(Please tick below appropriately)

[ ] Jury                   [ ] Overseas witness   [ ] Interstate witness   [ ] Country witness
[ ] Non-jury               [ ] Not Reached Once
[ ] Assessment only        [ ] Not Reached Twice
[ ] Liability only         [ ] New Trial Ordered
[ ] Interlocutory/Motion   [ ] Expedited
[ ] Defamation - s 7A      [ ] Reduced Life Expectancy
[ ] Defamation - Final     [ ] Other priority reasons (please specify)


(Tens fer of 1/P hod yatlay pad 


Other orders or directions: 


Quiclov\ 1~-Yy of Cloreayys. 
COMMON LAW REGISTRAR’S CASE MANAGEMENT ORDERS

[ ] 1. Make orders to enable Expert evidence to be given concurrently.

[ ] 2. The Plaintiff to file and serve an Evidentiary Statement by

[ ] 3. The Defendant/ Defendants to file and serve a Statement of Issues in Dispute within 28 days of receipt
of the Plaintiff's Evidentiary Statement.

[ ] 4. Each Defendant to notify the plaintiff within 28 days of receipt of the evidentiary statement of those
parts of the statement, which the Defendant requires to be given orally.

[ ] 5. The Plaintiff is to serve on each party within 14 days of the receipt of the Statement of Issues in Dispute
a statement identifying those issues, which are agreed and not agreed.

[ ] 6. The Plaintiff is to file and serve a Statement of Damages by

[ ] 7. The Defendant/Defendants is/are to file and serve a Statement of Damages by

[ ] 8. Experts in their respective areas of expertise are to confer and provide a report on matters agreed and
disagreed setting out the reasons for their disagreement. Such conference is to take place by

[ ] 9. The report from the Experts is to issue by

[ ] 10. Pursuant R31.4 UCPR I direct that the Plaintiff is to serve on each active party a written statement or
statements of the oral evidence that the Plaintiff or any other witness on the Plaintiff's behalf intends to
adduce in chief on all questions of fact to be decided at the hearing, on or before

[ ] 11. Pursuant to R31.4 UCPR I direct that the Defendant /Cross Claimant is to serve on each active party
a written statement or statements of the oral evidence that the defendant /cross claimant or any other witness
on behalf of the Defendant/Cross Claimant intends to adduce in chief on all questions of fact to be decided at
the hearing, on or before

[ ] 12. I direct that all parties serve, pursuant to R31.4 UCPR statements except for the above statements on
each other active party, containing all statements of the oral evidence which the parties intend to adduce in
chief on all questions of fact at the hearing on or before

[ ] 13. Parties to advise within ____ days of receipt of the witness statements of those
parts of the statements they require to be given orally.

[ ] 14. Parties to file and serve a Final Joint Memorandum of Issues in Dispute by

[ ] 15. List the matter for a Telephone Conference on
Valentina Ortakovska/SCO/NSW_AG
03/09/2013 03:02 PM
To: craigswright@acm.org
bcc:
Subject: RE: proceeding number 2013/ 225983
Dear Mr Wright, 


Please be advised that the Consent Order filed on 28/8/2013 was not dealt with by the Registrar in chambers.
The listing date of 30/10/2013 still remains and all parties need to be present in court on that day.


Regards 

Valentina Ortakovska 
Senior Client Service Office 
Supreme Court of NSW 
Date: 30 October 2013 Reference no.

Coram: Registrar C Bradford 

Listing: Directions (Common Law Registrar) 

Case Details: Craig Steven Wright v W&K Info Defense Research LLC 
2013/00225983 





Appearance(s) 


Listed for hearing on at 10am. Estimate of hearing

Please indicate the following listing type/s below:
[ ] Directions (Common Law Registrar) at 9am
[ ] Argument at 9.30am (Defamation List before Defamation Judge)

[ ] Defamation matter - Election for Trial by Jury made by
Registry to issue an invoice for Requisition for Trial by Jury.

[ ] Directions Common Law at 10am (Duty Judge's list.)
[ ] Directions (Possession Judge) at 9.30am.
[ ] Directions Professional Negligence Judge at 9am (1st Friday of each month)
[ ] Status Review at 9am before Common Law Registrar.

[ ] Rule 13.6 letter to be issued. (Notice of listing - No appearance)

(Please tick below appropriately)

[ ] Jury                   [ ] Overseas witness   [ ] Interstate witness   [ ] Country witness
[ ] Non-jury               [ ] Not Reached Once
[ ] Assessment only        [ ] Not Reached Twice
[ ] Liability only         [ ] New Trial Ordered
[ ] Interlocutory/Motion   [ ] Expedited
[ ] Defamation - s 7A      [ ] Reduced Life Expectancy
[ ] Defamation - Final     [ ] Other priority reasons (please specify)


Other orders or directions: 


please turn over ... 
COMMON LAW REGISTRAR’S CASE MANAGEMENT ORDERS

[ ] 1. Make orders to enable Expert evidence to be given concurrently.

[ ] 2. The Plaintiff to file and serve an Evidentiary Statement by

[ ] 3. The Defendant/ Defendants to file and serve a Statement of Issues in Dispute within 28 days of receipt
of the Plaintiff's Evidentiary Statement.

[ ] 4. Each Defendant to notify the plaintiff within 28 days of receipt of the evidentiary statement of those
parts of the statement, which the Defendant requires to be given orally.

[ ] 5. The Plaintiff is to serve on each party within 14 days of the receipt of the Statement of Issues in Dispute
a statement identifying those issues, which are agreed and not agreed.

[ ] 6. The Plaintiff is to file and serve a Statement of Damages by

[ ] 7. The Defendant/Defendants is/are to file and serve a Statement of Damages by

[ ] 8. Experts in their respective areas of expertise are to confer and provide a report on matters agreed and
disagreed setting out the reasons for their disagreement. Such conference is to take place by

[ ] 9. The report from the Experts is to issue by

[ ] 10. Pursuant R31.4 UCPR I direct that the Plaintiff is to serve on each active party a written statement or
statements of the oral evidence that the Plaintiff or any other witness on the Plaintiff's behalf intends to
adduce in chief on all questions of fact to be decided at the hearing, on or before

[ ] 11. Pursuant to R31.4 UCPR I direct that the Defendant /Cross Claimant is to serve on each active party
a written statement or statements of the oral evidence that the defendant /cross claimant or any other witness
on behalf of the Defendant/Cross Claimant intends to adduce in chief on all questions of fact to be decided at
the hearing, on or before

[ ] 12. I direct that all parties serve, pursuant to R31.4 UCPR statements except for the above statements on
each other active party, containing all statements of the oral evidence which the parties intend to adduce in
chief on all questions of fact at the hearing on or before

[ ] 13. Parties to advise within ____ days of receipt of the witness statements of those
parts of the statements they require to be given orally.

[ ] 14. Parties to file and serve a Final Joint Memorandum of Issues in Dispute by

[ ] 15. List the matter for a Telephone Conference on
Listing Details

Heard at: 06/11/2013 by: Acting Registrar R Kenna; 
Supreme Court Sydney 
Supreme Court - Civil 


2013/00225983-001 Acting Registrar R Kenna Directions (Common Law Registrar) Craig Steven Wright v W&K Info Defense Research LLC 09:00 AM 5 MINUTES 






Appearances:
W&K Info Defense Research LLC, Defendant, No Appearance
Wright, Craig Steven, Plaintiff, No Appearance

[illegible] of Claim: Craig Steven Wright v W&K Info Defense Research LLC
BY CONSENT
Orders/Judgment:
1. Judgment in the sum of $28,254,666.00 in favour of the plaintiff.
2. No order as to costs.
3. The court notes the agreement of the parties that the plaintiff will accept the transfer of Intellectual
property held by the plaintiff in full and final satisfaction of the judgment.
4. A deed of transfer for the Intellectual Property is to be completed before 01 Sept 2013.

(ID 258371 58)

http:/justicelink.internal justice. nsw.gov.au/iink/outcome/viewOutcome.do?caseProceedingNum= 201300225983&outcomeld= 16621089 1/1 
Form 40 (version 2)
UCPR 35.1

AFFIDAVIT OF Craig S Wright — 31 [illegible] 2013

Court NSW Supreme Court
Division General Division Common Law
List General
Registry Sydney
Case number 2013 / 225983 &
2013 / 245661





Plaintiff Craig Steven Wright (ABN 97 481 146 384) 


Defendant W&K INFO DEFENSE RESEARCH LLC 





Filed for Craig S Wright 


Plaintiff 
Contact name and telephone Craig S Wright 
0417 683 914 
Contact email Craig S Wright (craigswright@acm.org) 





Address 43 St Johns Ave Gordon 

Occupation Director / Lecturer

Date 3-Ort2ots— | 

I affirm:

1. I am the plaintiff.

2. I believe that the information contained in this affidavit is true.

3. The contract as settlement for the finance agreement and debt is attached as
appendix A.

4. The original deal was agreed to be varied as a consequence of the sudden and
unexpected rise in the value of Bitcoin (from $2 a Bitcoin at the time of the original
contract with the defendant to over $250 at the time the new agreement was made).

5. The new agreement was signed and was due to settle on the 30th April 2013.

6. I discovered that Mr Kleiman died before transferring the required funds on the 29th
April 2013. The payment was planned for 30th April 2013. This was to have been in
the form of a transfer of 250,500 Bitcoin (at the time of drafting this is valued at
$56,083,833.19 as per Appendix B) and other sundry items/agreements.

7. Mr Kleiman was not added as a shareholder and director of Coin-Exch Pty Ltd as
was planned to occur on the 30th Apr 2013 as a consequence.

8. The repayment of the debt did not occur as was agreed due to Mr Kleiman’s
unexpected death.


Signature of deponent
Name of witness IICHOCIPS CS 1FAl ES PY CICK WA [> 


Address of witness H/1O3 NGA TOKE Lee LP : i) Ay Se 2=> 
Capacity of witness Justice of the Peace


And as a witness, I certify the following matters concerning the person who made this affidavit (the deponent):

1 I saw the face of the deponent.
[delete whichever option is inapplicable]

2 I have confirmed the deponent’s identity using the following identification document:

Identification document relied on (may be original or certified copy)¹
Signature of witness


Note: The deponent and witness must sign each page of the affidavit. See UCPR 35.7B. 


NICHOLAS CHARLES HcDORALD 
__ dustos oftiio Peace Xecisesen GS 
ingen fore Stas of isa Gta visiss, AgoTala 
aa ug Melos Gey Fe 


Comod NSW 2137 
Telsphons 82 OSHe7 781 Gai 2 473 685 


[1 "Identification documents" include current driver licence, proof of age card, Medicare card, credit card,
Centrelink pension card, Veterans Affairs entitlement card, student identity card, citizenship certificate, birth
certificate, passport or see Oaths Regulation 2011 or JP Ruling 003 - Confirming identity for NSW statutory
declarations and affidavits, footnote 3.]
CONTRACT FOR THE SALE OF SHARES OF
A COMPANY OWNING BUSINESS

PARTIES

Dave Kleiman for W & K Info Defense LLC
(Vendor)

AND

Craig Wright R&D
ABN 97 481 146 384
(Purchaser)

AND

W&K Info Defense LLC
(Company)

Ref: CEWKO3
THIS AGREEMENT dated 02 day of April 2013


BETWEEN 
Dave Kleiman of W&K Info Defense LLC (Florida) 
(Vendor) 
And 
Craig Wright of Craig Wright R&D 
ABN 97 481 146 384 
(Purchaser) 
And 
W&K Info Defense LLC
(Company) 
RECITALS 


A. The vendor is the owner of all issued shares in the company being ordinary 
class shares. Ownership is 50% in the vendor’s name and 50% in trust held for 
the purchaser. 

B. The company is the owner of and conducts the business known as Bitcoin 
mining and Software development / Research. 

C. The vendor has agreed to sell and the purchaser has agreed to purchase the
vendor's shares for the price and upon the terms set out hereunder. 

D. As the purchaser will succeed to the business of the company on completion of 
the acquisition of these shares, the parties agree that they will incorporate into 
this agreement those agreements contained in the attached contract for the 
sale of a business to the intent that they shall in relation to the sale of the 
shares have the rights and obligations contained in such contract as part of this 
agreement. 

E. The company has consented to and agreed to be bound by the terms of this 
agreement. 

F. The company includes all software, research material and other aspects of the 
business. 

G. The parties wish to commit the terms of their agreement to writing in the
manner hereinafter set out.





Page 1 of 9 


CONFIDENTIAL KLEIMAN_00560896 


Case 9:18-cv-80176-BB Document 829-132 Entered on FLSD Docket 12/16/2021 Page 15 of 141


$40,000,000 are deemed paid in full for the above value. This is noted as 
consideration from the purchaser and is issued in forbearance of the 
requirements of the contract signed 22 April 2011 between the 
Vendor/Company and the purchaser (designated CEWK071). 

(b) The vendor agrees that the paper wallet with address 
“T933phfhK3ZgF QNLGSDXvqCn32k2buXY8a’” held in escrow will be 
released to the purchaser. 

(c) Due to the unexpected rise in the value of Bitcoin, it is agreed that two
transfers (in Bitcoin) of BTC 125,000 and BTC 125.500 when taken in
conjunction with the supply of the software, will suffice to fulfil the contract.


3. Hence, the vendor will: 
(a) Pay (transfer to) the purchaser 250,500 BTC on 30 April 2013, 
(b) Accept transfer of the escrowed Bitcoin paper wallet to the purchaser, 
(c) Transfer the ASC hardware to the purchaser, 
(d) Release the source code to the purchaser, 
(e) Transfer the Vistomail email account. 
(f) Transfer all research materials from the four (4) DHS BAA research
projects to the purchaser with all notes, data and results, and
(g) Transfer any shares in the company to the purchaser by 30 April 2013.


4. The Purchaser will: 
(a) Accept the new terms in full satisfaction of the contract with Reference
CEWKO1 made between the vendor/company and the purchaser on 22
April 2013.

(b) Accept the vendor's 323,000 remaining “mined” Bitcoin as a 49.5% stake
in a new venture to be formed in Australia (to be called Coin-Exch Pty Ltd)
between the vendor and the purchaser for the exploitation of the joint and
to be pooled Bitcoin

(c) Accept the transfer of the 323,000 Bitcoin (to be made on the 30th April
2013) as capital and note that shares in the new enterprise will be issued
(d) Provide $30,000,000 in capital into Coin-Exch Pty Ltd (to be formed) and
the software developed in the prior venture.

5. Settlement shall be effected on 30 April 2013.

6. So far as they are relevant the agreements contained in the incorporated
contract for the sale of a business shall be agreements between the parties
herein.

7. In the event of either party failing to complete this agreement on the settlement
date then the other shall be entitled at any time thereafter to serve a notice to
complete requiring the other to complete within 14 days from the date of service
of the notice, which time period is considered reasonable by both parties. For
the purpose of this contract, such notice to complete shall be deemed both at
law and in equity sufficient to make time of the essence of this contract.


8. On the settlement date the vendors shall: 

(a) Deliver up to the purchaser possession of the business conducted by the 
company and in all respects shall have complied with the terms of the 
business sale contract incorporated herein: 

(b) Deliver up to the purchaser duly executed instruments of transfer of their
shares;

(c) Cause a meeting of the directors of the company to be held at which the
directors shall approve and consent to the sale and transfer by the
vendors to the purchaser of the vendors’ shares.

(d) Send all software developed under the various DHS BAA filings to the
purchaser (incl. source code and documentation).

(e) Provide the location and access rights to the ASC mining hardware hosted
at a site known to Mr Kleiman will be returned with this transfer. This has a
nominal value of $8,828,571.29 before depreciation. This is a

(f) Solutions to the Agent and Merkle Tree problems developed by Professor
David Reese.

(g) Bitcoin agent software and suit of C/C++/C# and Python Blockchain

(h) Exchange Bitcoin holdings as noted in the contract.


9. The company hereby agrees to take all steps and carry out all acts to procure
the registration on the settlement date of the purchaser as the registered holder
of title to the vendors’ shares.

10. The purchaser will make all reasonable endeavours to have the new venture
(Coin-Exch Pty Ltd) registered for GST and under the Australian Corporations
act provisions before settlement on the 30th April 2013.

11. The parties hereto agree to execute and perform all such acts, deeds,
documents and things whatsoever as may be necessary and desirable to better
carry into effect the provisions of this agreement.


12. Vendor’s warranties 
(a) Vendor's authority to sell 

(i) The vendors are the registered and beneficial owners of their shares
in the company. 

(ii) The vendors have full power and authority to sell and transfer to the 
purchaser good legal and equitable title to the shares without the 
consent or authorisation of any person except only consents required 
by the company. 

(b) The company’s financial statements 
Other than matters disclosed to the purchaser in writing the books and 
accounts of the company truly and fairly reflect the company’s affairs. 

(c) Books and records
The company's books, records and registers are in the possession of the
company, and accurately record the details of all of the company's
transactions, finances, assets and liabilities.
(d) Taxation 

(i) Other than disclosed to the purchaser in writing the company has 
lodged or filed all tax and duty returns for all taxes including GST, 
income tax, sales tax, fringe benefits tax, payroll tax, group tax and 
WorkCare levies. 
(ii) No claim has or will be made against the company for payment by
the company pursuant to the provisions of the Income Tax
Assessment Act 1936 of any tax which is not shown or included as a
liability or provision in the balance sheet contained in the accounts.

(iii) Neither the commissioner nor any federal, state or municipal body
has any dispute with the company concerning the company's affair.

(e) Compliance with applicable laws

(i) Neither the vendor nor the company has breached, or caused a
breach of the company's memorandum or articles of association; any
contract, agreement or instrument which binds the company; or any
judgment, order, injunction or decree of any court, commission or
administrative body relating to the company or to the shares.

(ii) Neither the company nor any of its officers, agents or employees
(while performing their duties for the company) has breached the
law. The company has not been notified that it has, or may have,
breached the law regulating its affairs or the conduct of its business.

(f) Litigation and indebtedness

Other than as disclosed to the purchaser in writing:

(i) The company is not a party to, or threatened with, any claim,
litigation, prosecution or arbitration in any court, tribunal or otherwise;

(ii) There are no unsatisfied judgments or arbitral awards against the
company;

(iii) The company is not being investigated for any breach of the law.
Neither the company nor any of its directors is aware of any breach
of the law or of any circumstances, which would give rise to a breach
of the law other than as disclosed to the purchaser in writing;

(iv) The company has met all deadlines for repayment of its debts;

(v) No petitions, notices or proceedings have come to the company's
notice, which could result in it being wound up. No orders or
resolutions have been made or passed to place the company in
liquidation or provisional liquidation.
(g) Accuracy of disclosed information

(i) The vendor has disclosed to the purchaser all information, which
would be material for a purchaser in forming a decision whether or
not to purchase the shares.

(ii) If either the vendor or the company becomes aware of anything
which may constitute a breach of, or be inconsistent with any
representation, warranty or undertaking in this agreement, they will
notify the purchaser of its particulars promptly in writing.

(h) Warranties and indemnities

(i) It is a condition of this agreement that each warranty is true and
correct in every respect and shall be construed separately.

(ii) The vendor acknowledges that the warranties have been given with
the intention and for the purpose of inducing the purchaser to enter
into this agreement.

(iii) The purchaser has entered into this agreement and agreed to the
purchase price payable for the shares on the basis of and in full
reliance upon the warranties.

(iv) Prior to the settlement date the vendor will take all such steps and
provide all such information and documents with regard to the
company as the purchaser may reasonably require and will give the
purchaser and its professional advisers full and free access to the
records and accounts of the company (whether financial or
otherwise) to enable them to fully investigate the accuracy of the
warranties.

13. Notices

A communication required by this agreement, by a party to another, must be in
writing and may be given to them by being:

(a) Delivered personally; or

(b) Posted to their address specified in this agreement, or as later notified by
them, in which case it will be treated as having been received on the
second business day after posting; or
(c) Faxed to the facsimile number of the party with acknowledgment of receipt
received electronically by the sender, when it will be treated as received
on the day of sending; or

(d) Sent by email to their email address, when it will be treated as received on
that day.

14. Waiver or variation

(a) A party’s failure or delay to exercise a power or right does not operate as
a waiver of that power or right.

(b) The exercise of a power or right does not preclude:
(i) Its future exercise; or
(ii) The exercise of any other power or right.

(c) The variation or waiver of a provision of this agreement or a party’s
consent to a departure from a provision by another party will be ineffective
unless in writing executed by the parties.

15. Counterparts
This agreement may be executed in any number of counterparts each of which
will be an original but such counterparts together will constitute one and the
same instrument and the date of the agreement will be the date on which it is
executed by the last party.

16. Further assurance
Each party will from time to time do all things (including executing all
documents) necessary or desirable to give full effect to this agreement.

17. Costs
Each party will pay their own costs in relation to this agreement.


Page 8 of 9 


CONFIDENTIAL KLEIMAN_00560902 




SIGNED AS AN AGREEMENT 


Executed by
W & K Info Defense LLC )

Dave Kleiman
DIRECTOR

Executed by
Craig Wright R&D (A.B.N. 97 481 146

Craig S Wright
XE: The World's Favorite Currency Site (xe.com)

XE Currency Converter

250,500.00 XBT = 56,083,833.19 AUD

Bitcoin <> Australian Dollar

1 XBT = 223.888 AUD    1 AUD = 0.00446653 XBT
Mid-market rates: 2013-11-03 09:20 UTC



Page 1 of pages

Justice of the Peace Registration 105174







www.xe.com/currencyconverter/convert/?Amount=250500&From=XBT&To=AUD
FILED

CONSENT ORDER

Court NSW Supreme Court
Division General Division Common Law
List General
Registry Sydney
Case number 2013 / 225983





Plaintiff Craig Steven Wright (ABN 97 481 146 384)

Defendant W&K INFO DEFENSE RESEARCH LLC





Filed for Craig S Wright 
Plaintiff 
Contact name and telephone Craig S Wright 
0417 683 914 
Contact email Craig S Wright (craigswright@acm.org) 





Orders/Judgment:

1. Judgment in the sum of $28,254,666.00 in favour of the plaintiff.

2. No order as to costs.

3. The court notes the agreement of the parties that the plaintiff will accept the transfer
of Intellectual property held by the plaintiff in full and final satisfaction of the
judgment.

4. A deed of transfer for the Intellectual Property is to be completed before 01 Sept
2013.

CONFIDENTIAL
Plaintiff

The plaintiff consents.

Signature of plaintiff
Craig S Wright

Capacity Plaintiff

Date of signature 28th Aug 2013

Defendant

The defendant consents.

Signature of or on behalf of party
if not legally represented

Capacity Authorised officer

Date of signature 28th Aug 2013

J Wilson consents.

Court seal
Signature
Capacity
Date made or given
Date entered

Subject to limited exceptions, no variation of a judgment or order can occur except on
application made within 14 days after entry of the judgment or order.
Form 40 (version 2)
UCPR 35.1

AFFIDAVIT OF Craig S Wright — 31st [illegible]

Court NSW Supreme Court
Division General Division Common Law
List General
Registry Sydney
Case number 2013 / 225983 &
2013 / 245661

Plaintiff Craig Steven Wright (ABN 97 481 146 384)

Defendant W&K INFO DEFENSE RESEARCH LLC

Filed for Craig S Wright
Plaintiff
Contact name and telephone Craig S Wright
0417 683 914
Contact email Craig S Wright (craigswright@acm.org)

Name Craig S Wright
Address 43 St Johns Ave Gordon
Occupation Director / Le





Date 

I affirm:

1. I am the plaintiff.

2. I believe that the information contained in this affidavit is true.

3. The defendant is indebted to the plaintiff in respect of the balance of the cause of action 2013 / 225983 for which this action was commenced in the amount of $28,254,666.00 together with interest on the principal sum from the date of the cause of action to today’s date of $156,755.34 calculated as follows:


Period                      Days & Rate p.a.    Debt Amount       Interest
25 Jul 2013 - 23 Aug 2013   93 days @ 6.750%    $28,254,666.00    $488,637.81

$5,254.17 per day until entry of judgment

Total: $28,743,303.81
4. The defendant is indebted to the plaintiff in respect of the balance of the cause of action 2013 / 245661 for which this action was commenced in the amount of $28,254,666.00 together with interest on the principal sum from the date of the cause of action to today’s date of $156,755.34 calculated as follows:

Period                      Days & Rate p.a.    Debt Amount       Interest
25 Jul 2013 - 23 Aug 2013   93 days @ 6.750%    $28,534,049.79    $490,746.57

$5,254.17 per day until entry of judgment

Total: $29,024,796.36


5. Since the commencement of this action no payments have been made or credits accrued.





6. The amount for filing, issuing and serving of the statement of claim herein, which has not been paid is $0.





CONFIDENTIAL KLEIMAN_00560909 


Case 9:18-cv-80176-BB Document 829-132 Entered on FLSD Docket 12/16/2021 Page 28 of 141

7. The amount of solicitor’s costs calculated in accordance with the Local Courts (Civil Claims) Rules, which has not been paid is $0.

8. The Statement of Claim was served on the defendant on 26 Jul 2013 by leaving it with the Defendant at the registered address for service of:

David A Kleiman
3119 Contego Lane
Palm Beach Gardens
Fl 33410 USA

9. The Statement of Claim was served on the defendant on 26 Jul 2013 by mailing it with the Defendant at the registered mailing address for service of:

David A Kleiman
4371 Northlake Blvd #314
Palm Beach Gardens
Fl 33410 USA

10. The defendant is a US LLC based in Florida USA. The US resident director was David A Kleiman. (Appendix A).

11. The market rate (at this date) for the contract quantity of Bitcoin (Currency Code XBT) on Xe.com is $AUD 67,863,954.23 at a market rate of 1 XBT = 226.213 AUD 1 AUD = 0.00442061 XBT.

12. A contract was formed in April 2011 (Appendix B).

13. 300,000 Bitcoin and a series of software projects was to be paid in 2013 as consideration for this agreement.

14. On 02 Feb 2013 the agreement to pay the 300,000 Bitcoin was noted in an email of Dave Kleiman to Craig Wright noting the verbal agreement to start a Bitcoin exchange based on the mined Bitcoin of Mr Kleiman and the returned amounts paid as consideration.

15. The company, COIN-EXCH PTY. LTD. ACN 163 338 467 was started on 17th Apr 2013 with an agreement for Mr Kleiman to transfer the remaining capital from the contract (B) in repayment as well as to inject a further amount of capital into the company on or before 30th April 2013 (Appendix D).

16. The contract was associated with an invoice to be paid for $34,862,323.00 U ; 22Apr 2011. This was paid in full.
17. Mr David A Kleiman died on 26th April 2013 (US time) (Appendix F).

18. The transfers made into “W&K Info Defence LLC” (Appendix G) were completed in April 2013. These are pseudo anonymous but public. The details have been supplied in Appendix G. Details of these transactions have been given to the Australian Tax Office for tax purposes.


19. The Bitcoin addresses used have been independently validated by NSW Solicitors 
under oath (Appendix H). 


20. Work and research was conducted under the US Dept. of Homeland Security DHS BAA

(a) Appendix I
(b) Appendix J
(c) Appendix K

21. Mr Kleiman noted that screening software was developing in unwarranted manners and I noted that our software was looking at being better in an email (Appendix L).

22. The coversheets for the S&T Directorate projects are included in Appendix M


23. On 01st August 2013 a shareholders meeting was called for “W&K Info Defense LLC” to be held on the 16th August 2013. The meeting was emailed to the company address as well as sent to the address of the shareholders and company. The shareholding of “W&K Info Defense LLC” was:

1. Craig S Wright 50.0 %
2. David A Kleiman 50.0 %

24. The meeting from point 23 was held on the 16th of August 2013. The following people were present:

1. Jamie Wilson
2. Craig S Wright

25. “W&K Info Defense LLC” was an incorporated partnership. All shares are held jointly. The constitution states there is to be a resident US director. Shares were held jointly as per the US Companies Act, 1956.


26. The following points were moved at the meeting:

1. Jamie Wilson will act as director for the purposes of consenting to orders and the company to be wound down.
2. The vote was Craig Wright — “Yes”. No other parties. 


3. It was agreed that following the motion to accept the debt owed by the company (W&K Info Defense LLC), it would be closed.


27. Projects for the development of software started in 2009 under a company named 
“Integyrs Pty Ltd” (Appendix N). 


28. The development of the software was extended considerably in the period between 
2011 — 2013. 


29. I discovered that Mr Kleiman died before transferring the required funds on the 29th April 2013. The payment was planned for 30th April 2013.

30. Mr Kleiman was not added as a shareholder and director of Coin-Exch Pty Ltd as was planned to occur on the 30th Apr 2013 as a consequence.

AFFIRMED at Sangh ho,


Signature of deponent 


Name of witness Nec Hocrs He. Jos NCH. bop | | 
Address of witness bao fant S077 ie a DY 7 MStC 2152 


Capacity of witness JOST IFA 
And as a witness, I certify the following matters concerning the person who made this affidavit (the deponent):

2 I have confirmed the deponent’s identity using the following identification document:

Identification document

Note: The deponent and witness must sign each page of the affidavit. See UCPR 35.7B.





Signature of witness 


NICHOLAS CHARLES McDONALD
Justice of the Peace





["Identification documents" include current driver licence, proof of age card, Medicare card, credit card,
Centrelink pension card, Veterans Affairs entitlement card, student identity card, citizenship certificate, birth
certificate, passport or see Oaths Regulation 2011 or JP Ruling 003 - Confirming identity for NSW statutory
declarations and affidavits, footnote 3.]
Electronic Articles of Organization
Florida Limited Liability Company
February 16, 2011
Sec. Of State


Article I
The name of the Limited Liability Company is:
W&K INFO DEFENSE RESEARCH LLC 


Article II 
The street address of the principal office of the Limited Liability Company is: 


3119 CONTEGO LANE 
PALM BEACH GARDENS, FL. US 33418 


The mailing address of the Limited Liability Company is: 


4371 NORTHLAKE BLVD #314
PALM BEACH GARDENS, FL. US 33410 


Article III
The purpose for which this Limited Liability Company is organized is: 
ANY AND ALL LAWFUL BUSINESS. 


Article IV


The name and Florida street address of the registered agent is: 


DAVID A KLEIMAN 
3119 CONTEGO LANE 
PALM BEACH GARDENS, FL. 33410 


Having been named as registered agent and to accept service of process for the above stated limited 
liability company at the place designated in this certificate, I hereby accept the appointment as registered 
agent and agree to act in this capacity. I further agree to comply with the provisions of all statutes 
relating to the proper and complete performance of my duties, and I am familiar with and accept the 
obligations of my position as registered agent.


Registered Agent Signature: DAVE KLEIMAN 


This is the annexure marked with the letter A referred to in the Affidavit

Page 1 of 7 pages
NICHOLAS CHARLES McDONALD
Justice of the Peace Registration 105474


Article V
11000019904
The name and address of managing members/managers are:
Title: MGRM
DAVID A KLEIMAN


4371 NORTHLAKE BLVD #314 
PALM BEACH GARDENS, FL. 33410 US 


Article VI 
The effective date for this Limited Liability Company shall be: 
02/14/2011 
Signature of member or an authorized representative of a member 
Electronic Signature: DAVE KLEIMAN 
I am the member or authorized representative submitting these Articles of Organization and affirm that the
facts stated herein are true. I am aware that false information submitted in a document to the Department
of State constitutes a third degree felony as provided for in s.817.155, F.S. I understand the requirement to
file an annual report between January 1st and May 1st in the calendar year following formation of the LLC
and every year thereafter to maintain "active" status.

INTELLECTUAL PROPERTY LICENCE
FUNDING AGREEMENT 





PARTIES 


Craig Wright R&D 
ABN 97 481 146 384
(Financer)


AND


W&K info Defense LLC. 
(Provider) 


This is the annexure marked with the letter [illegible] referred to in the Affidavit

NICHOLAS CHARLES McDONALD
Justice of the Peace Registration 1054


Ref CEWKO1


THIS DEED dated 22nd day of April 2011


BETWEEN 
Craig Wright of Craig Wright R&D 
(Financer) 
And 
Dave Kleiman for W & K Info Defense LLC 
(Provider) 
RECITALS 


A. The Financer controls the following Bitcoin (BTC) addresses: 
(a) 12hRmmSda9qSSEH656zBakEbeisH6ZhdTm. 
(b) 12C9c9VQLMrLi4Ffzq2wDvwrKnUPaAaNFp. 
B. The Provider desires the intellectual property for the permitted use and to 
extend this for other purposes desirable to both parties. 
C. The Provider will use the funding for the development of several software 
products. 
D. The provider will return the loaned finances (in Bitcoin) on or before 01 July 
2013 and 30 Dec 2013. 
E. The Provider will remain completely confidential on all matters in this deed 
(including even that family members do not have knowledge of the transaction). 
F. The financer will send the following amounts (in Bitcoin) to the following address
by 30 April 2011:
(a) 165,140 BTC
(b) IMSUvGS9BEjpL35CKu7feF4HaPCXv2cht7
G. The financer will send the following amounts (in Bitcoin) to the following
address by 30 August 2011:
(a) 50,000 BTC
(b) 1 JjtxXmbC95sgn5kE2Hm92axA7hcbDkRhK


H. The Financer and the Provider wish to record the licence, which has been 
granted to the Provider to use the intellectual property in accordance with this 
deed. 

I. The Financer is the absolute owner of the entire unencumbered copyright in
the works described in the schedule when complete. 

J. The Financer has agreed to license the works to the Provider and the Provider 
has agreed to accept such licence on the following terms and conditions. 


K. The provider will fund the software development using Bitcoin. 
The Financer will provide 1,024 core Xeon and GPU based hardware solution.
(a) It is acknowledged that two SGI ICE XE310 — 512 core hosts have
been provided and are in a data centre specified by the provider
(b) The provider will use these systems to mine Bitcoin
(c) The provider expects to earn 12,000 BTC per month using these
systems for the period to 30 June 2013
(d) The systems will be hosted in the US at a facility managed by the
provider.
The provider will pay for the use of the systems and the loan as follows:
(a) 250,000 BTC to be repaid on 30 June 2013
(b) 90,000 BTC to be repaid on 30 Dec 2013
(c) The developed software will be exclusively licensed perpetually to
the financer (as of 30 June 2013).
(d) The software may be used but not distributed by the provider.
The contract is complete when 300,000 BTC have been repaid.
It is agreed that the value of the loan to be repaid is $ AUD 20,000,000 in two
parts (for a total of $40,000,000).
The server systems will return to the Financer at the completion of the contract.

On default, the contract is to be repaid in full to penne
OPERATIVE PART
1. Definitions

In this deed:

(a) Business means the business operated by the Provider described as
such in the schedule:

(b) Business day means a day, not being a Saturday, Sunday or gazetted
public holiday, on which banks are open for commercial business where
performance of an obligation under this deed is to take place:

(c) Claim means, in relation to a person, a claim, demand, remedy, suit,
injury, damage, loss, cost liability, action, proceeding, right of action,
chose in action, claim for compensation or reimbursement or liability
incurred by or to be made or recovered by or against the person, however
arising and whether ascertained or unascertained, or immediate, future or
contingent;

(d) Commencement date means the date so specified in the schedule:

(e) Confidential information means all technical and other information and
know how, including all information and know how in any eye or machine
readable form or other format, disclosed or given to the Provider from any
source in respect of or incidental to:

(i) The product:
(ii) The technology:
(iii) The Financer: and
(iv) Any other information disclosed or given to the Provider by the
Financer which is declared by the Financer to be confidential
information;

(f) Improvements means any improvement, modification, enhancement or
derivative of the intellectual property arising during the term:

(g) Intellectual property means:
(i) The confidential information:
(ii) The improvements:
(iii) The patent; and
(iv) The trade mark:

(h) Licence fee means the amount calculated and paid by the Provider to the
Financer specified in the schedule.
(i) Notice means a written notice, consent approval, direction, order or other
communication:

(j) Obligation means any legal, equitable, contractual, statutory or other
obligation, deed, covenant, commitment, duty, undertaking or liability;

(k) Patent means the registered patent or patent application including the
provisional and complete specifications described in the schedule:

(l) Permitted use means to conduct the business to exploit market, promote,
develop, integrate, research, sell and conduct and any other activity
undertaken with respect to the product for profit or reward:

(m) Product means the product described as such in the schedule:

(n) Right includes a legal, equitable, contractual, statutory or other right,
power, authority, benefit, privilege, remedy, discretion or cause of action:

(o) Technology means all that technical information which relates to or forms
part of the product, including, without limitation, methodology, techniques,
drawings, outlines, notes, algorithms, detailed designs, flow charts,
results, software, partial or intermediate versions and prototypes, data,
formulae and other proprietary information and know how in the
Provider's possession or control or which is revealed to the Provider
which relates to the product:

(p) Term means the term set out in the schedule: and

(q) Trade mark means the registered trade mark, trade mark registration
application and common law trademarks described in the schedule.


2. Interpretation
This deed is governed by the law of NSW and the parties submit to the
non-exclusive jurisdiction of the courts of that state.

In the interpretation of this deed:

(a) References to legislation or provisions of legislation include changes or
re-enactments of the legislation and statutory instruments and regulations
issued under the legislation:

(b) Words denoting the singular include the plural and vice versa: words
denoting individuals or persons include bodies corporate and vice versa:
references to documents or deeds also mean those documents or deeds
as changed, novated or replaced, and words denoting one gender include
all genders:

(c) Grammatical forms of defined words or phrases have corresponding
meanings:

(d) Parties must perform their obligations on the dates and times fixed by
reference to the schedule:

(e) Reference to an amount of money is a reference to the amount in the
lawful currency of the Commonwealth of Australia:

(f) If the day on or by which anything is to be done is a Saturday, a Sunday
or a public holiday in the place in which it is to be done, then it must be
done on the next business day:

(g) References to a party are intended to bind their executors, administrators
and permitted transferees: and
(nh) Obligations under this deed area, ior than one party bind them 
jointly and each of them severally. 
3. Licence
The Financer hereby grants to the Provider an exclusive licence to use the
intellectual property for the permitted use on the terms of this deed.

In consideration of the licence fee payable hereunder the Financer grants to
the Provider an exclusive transferrable licence to copy publish sell or otherwise
use the works in the course of its business in Australia and/or Overseas in
respect of the whole or any part of the works commencing on 01st July 2013.

In consideration of the licence hereby granted to the Provider the Provider must
pay a one off licence fee of $20,000,000 (GST exclusive) to the Financer on or
before the 30th June 2013. The provider will also transfer the designated
account of the provider:

(a) 250,000 BTC to be repaid on 30 June 2013
(b) 90,000 BTC to be repaid on 30 Dec 2013

The payment is to be issued in Bitcoin as per the schedule.


4. Provider’s promises
(a) Undertakings

The Provider undertakes to:

(i) Use its reasonable commercial endeavours to:
(1) Preserve the value and validity of the intellectual property; and
(2) Create, promote, retain, and enhance the goodwill in the
intellectual property:

(ii) During the term and thereafter the termination of this deed not to
allow or facilitate the use, nor exploit the intellectual property in a
manner in any way detrimental to the Financer and not contravene,
deny or contest the rights subsisting in the intellectual property, and
take such steps as may be appropriate and available to the Provider
to prevent the infringement of any and all the rights subsisting in the
intellectual property;

(iii) In connection with the permitted use not give any warranty:
(1) Beyond that which the Provider is obliged in law to give: or
(2) Which has not been approved in writing by the Financer:

(iv) To use the intellectual property only for the permitted use and not for
any other use:

(v) Treat as confidential the confidential information except that which at
the time of its disclosure to the Provider was generally available, or
subsequently became known to the public provided always that this
covenant shall continue in full force and effect notwithstanding that
this deed has terminated: and

(vi) Devote all reasonable commercial endeavours in the conduct and
operation of the business.

(b) Indemnity
(i) The Provider hereby agrees to fully, effectually, and promptly
indemnify the Financer against any loss, either direct or indirect,
damage or expense whatsoever which the Financer may suffer or
incur in respect of:
(1) Any breach by the Provider of the provisions of this deed: or
(2) Any claim by any person against the Financer arising out of or
in respect of the exploitation of the intellectual property by the
Provider: and
(ii) The Provider hereby irrevocably releases the Financer and waives
all claims which the Provider may have in the future against the
Financer, in respect of any action claim or remedy whatsoever in
any way attributable to the exploitation of the intellectual property by
the Provider.


5. Improvements

If the Provider develops any improvements, the Financer hereby irrevocably:

(a) Grants to the Provider the right to apply for any ncfenta intellectual
property rights available in respect of that improvement and in connection
with such application, the Financer shall:

(i) Make, supply and assist in the preparation of all models, plans,
drawings or specifications necessary or convenient for the proper
understanding or development of the improvements: and

(ii) Grant and do all things necessary to give effect to an Assignment of
the intellectual property rights in respect of the imptby
Provider:

(b) Assigns, transfers and sets over absolutely to the Provider all right title
and interest to the improvements including all claims as they relate to the
improvements.


6. GST
(a) GST means a goods and services tax as defined in A New Tax System
(Goods and Services Tax) Act 1999.

(b) In respect of any taxable supply, the Provider must pay to the Financer an
additional amount equal to the prevailing GST rate on the supply. The
additional amount referred to in this clause is payable at the same time
and in the same manner as the licence fee subject to the receipt by the
Provider of a valid tax invoice, as defined in A New Tax System (Goods
and Services Tax) Act 1999.
7. Term and termination

(a) Term
This deed — on 04% July 201 the commencement date and will 
continue for the term unless It is earlier terminated. 

(b) Termination on notice
Either party may terminate this deed by notice in writing to the other if the
other party commits any breach of any provision of this deed, and has
failed to remedy such breach within fourteen days of receipt of notice
specifying:

(i) The exact nature of the breach committed by the defaulting party:
and

(ii) What is required by the defaulting party to remedy the breach:


8. Licence fee

(a) Payment of licence fee
The Provider must pay the licence fee specified in the schedule to the
Financer during the term.

(b) Late payment
If the licence fee or any other monies payable by the Provider to the
Financer remain unpaid for seven days after the due date for payment,
whether or not formal demand has been made, then the Provider shall
pay, in addition to any monies actually owing to the Financer, interest at
the rate of 2% over the bank indicator lending rate nominated by the
Financer on such monies from the date the payment actually fell due until
such monies are recovered and paid to the Financer.


9. Warranties by Financer
The Financer warrants to the Provider that:
(a) The Financer has the power and authority to enter into this deed: and
(b) The intellectual property rights granted under this deed will not when used
in accordance with this deed infringe the intellectual property rights of any
person.
10. Third party claim

(a) Provided that the Provider is not in breach of its obligations under this
deed, if a third party makes a claim against the Provider alleging that use
of the intellectual property infringes its intellectual property rights, the
Financer will defend, indemnify and hold harmless the Provider from such
a claim provided that the:

(i) The Provider notifies the Financer in writing promptly of the claim:

(ii) The Provider provides such information, assistance and
co-operation as the Financer may reasonably request and at its
expense, from time to time: and

(iii) The Financer has full discretion to defend, compromise or settle any
such claim on such terms as the Financer deems fit.

(b) If the Financer cannot satisfactorily settle the claim so as to retain
ownership of the intellectual property, its liability will be limited to
terminating this deed, and refunding the Provider an amount equal to the
portion of any licence fee paid for the period following termination.

(c) Nothing in this clause authorises the Provider to defend, compromise or
settle any claim on the Financer’s behalf.


11. Limitation of liability
(a) Other than in respect of a party's:
(i) Breach of the confidentiality provisions of this deed: or
(ii) Infringement of another party’s intellectual property rights: or
(iii) Indemnification obligations under this deed: or
(iv) Wilful misconduct.

(b) Neither party will be liable to the other for any consequential, special or
punitive damages arising out of this deed. Each party’s cumulative direct
damages will be limited to the licence fee payable under this deed in the
prior twelve month period. This clause survives the termination or
expiration of this deed.
12. Assignment
No party may assign its rights or obligations under this deed without the prior
written consent of the other parties, which consent may be given or withheld, or
given on conditions, in the absolute discretion of those other parties.


13. Time
The parties hereto agree that time shall in all respects be of the essence in
regards this deed.


14. Notices

A communication required by this deed, by a party to another, must be in
writing and may be given to them by being:

(a) Delivered personally; or

(b) Posted to their address specified in this deed, or as later notified by them,
in which case it will be treated as having been received on the second
business day after posting; or

(c) Faxed to the facsimile number of the party with acknowledgment of
receipt received electronically by the sender, when it will be treated as
received on the day of sending, or

(d) Sent by email to their email address, when it will be treated as received
on that day.


15. Waiver or variation
(a) A party's failure or delay to exercise a power or right does not operate as
a waiver of that power or right.
(b) The exercise of a power or right does not preclude:
(i) Its future exercise: or
(ii) The exercise of any other power or right: or
(iii) The variation or waiver of a provision of this deed or a party’s
consent to a departure from a provision by another party will be
ineffective unless in writing executed by the parties.


16. Counterpart

This deed may be executed in any number of counterparts each of which will
be an original, but counterparts together will constitute one and the same
instrument, and the date of the deed will be the date on which it is executed by
the last party.


17. Costs

(a) Each party will pay its own costs of and incidental to this deed.

(b) The Provider will bear all duty payable on this deed and keep indemnified
the Financer in respect of that liability.

(c) The Provider will bear all GST payable in respect of any supply under this
deed upon receipt of tax invoice issued by the Financer.


18. Escrow

(a) The paper Bitcoin Wallet with address
T933phthKSZgF QNLGSDXvqCn32k2buXY8a will be held by the financer
as assurance or the contract and will convert to the ownership of the
financer on default of the provider.

(b) All source code and agreements are to be held in a manner that the
financer can access on default.
REFERENCE SCHEDULE


Deed date: 01st April 2011

Licence fee: (a) 250,000 BTC to be repaid on 30 June 2013
(b) 90,000 BTC to be repaid on 30 Dec 2013
(ex GST) for exclusive perpetual assignment

Product: Bitcoin and Exchange Software in C/C++/C#/R code
Commencement date: 01st July 2011
Term: Two (2) years
Trademark: All Marks Associated with CO1N and associated marks 
To be filed 
Patent: All IP under “— / 002 / 003 / 004 (- 
SIGNED AS A DEED
Executed by
W & K Info Defense LLC
in accordance with s.127
Corporations Act 2001 (CTH) and its constitution

Dave Kleiman
DIRECTOR


Executed by
Craig Wright R&D (A.B.N. 97 481 146 384)

Craig S Wright
Australian Securities & Investments Commission
Forms Manager
Company Officeholders

Company: COIN-EXCH PTY. LTD. ACN 163 338 467

Company details
Date company registered 17-04-2013
Company next review date 17-04-2014
Company type Australian Proprietary Company
Company status Registered
Home unit company No
Superannuation trustee company No
Non profit company No

Registered office
LEVEL 5 , 32-38 DELHI ROAD , MACQUARIE PARK NSW 2113

Principal place of business
LEVEL 5 , 32-38 DELHI ROAD , MACQUARIE PARK NSW 2113

Officeholders
WRIGHT, CRAIG STEVEN
Born 23-10-1970 at BRISBANE QLD
43 ST JOHNS AVENUE , GORDON NSW 2072
Office(s) held: Director, appointed 17-04-2013
Secretary, appointed 17-04-2013

Company share structure
Share class   Share description   Number issued   Total amount paid   Total amount unpaid
FOU           FOUNDERS            21500000        21500000.00         0.00
ORD           ORDINARY            20000000        20000000.00         0.00

Members

PANOPTICRYPT PTY LTD 43 ST JOHNS AVENUE , GORDON NSW 2072
Share class Total number held Fully paid Beneficially held
ORD 17000000 Yes No

DENARIUZ SG 108 NAMLY AVE , SINGAPORE , SINGAPORE
Share class Total number held Fully paid Beneficially held
ORD 3000000 Yes Yes

WRIGHT , CRAIG STEVEN 43 ST JOHNS AVENUE , GORDON NSW 2072
Share class Total number held Fully paid Beneficially held
FOU 21500000 Yes

This is the annexure marked with the letter [illegible] referred to in the Affidavit
One page only
NICHOLAS CHARLES McDONALD
Justice of the Peace Registration 105174
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Date: 4/22/2011 
Invoice # 1253 


omen Ape mavcre ee a 


5S 


SPENSER RES UA IAVRY HEI LIEHANG IOAN 


ON INEYR 
vee Adnan 


W&K INFO DEFENSE RESEARCH Craig Wright R&D oo Craig Wright R&D 
LLC ABN 97 481 146 384 ABN 97 481 146 384 
4371 NORTHLAKE BLVD #314 | 51 Cowangarra Rd 51 Cowangarra Rd 
PALM BEACH GARDENS Bagnoo NSW 2446 Bagnoo NSW 2446 
FL 33410 +61 417 683 914 +61 417 683 914 


561.310.8801 Customer ID CWROOL Customer ID CWRDOL 
dave@davekleiman.com 


~o 
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- Dave A Kleiman _ BAA 001 ~ Software NA | By Contract 7 Due on receipt 30 30 Apr 2011 
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165,140 - Bitcoin BTC loan @ USD 0.88 0.88 145,323 
50,000. Bitcoin” BTC loan @ USD 0.88 0.88 44,000 
2 _ SGI System SGI ICE XE310 lease 4,411,500 8,823,000 
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vinblastine 


Lo) Software Per agreement 20,000,000 20,000,000 
: BAA 11-02-TTA O1- 
0127-WP 
BAA 11-02-TTA 09- 
0049-WP 
BAA 14-02-TTA O1- 
0025-WP 
BAA 11-02-TTA O1- 
0127-WP 


BAA-001 650,000. 650,000 


LADeABA INE NMED ted ew 


oj 7 BAA-002 2,200,000 2,200,000 


BAA-003 1,200,000 1,200,000 


- BAA-004 1,800,000 1,800,000 
Total Discount
Subtotal 34,862,323
Sales Tax
Total 34,862,323
From Wikipedia, the free encyclopedia

Dave Kleiman (1967 - 2013)[1] was a noted Forensic Computer Investigator, an author/coauthor of multiple books and a noted speaker at security related events.[2][3][4]

Dave Kleiman
Born 1967
Occupation Forensic Computer Investigator
Website

Computer security & forensics


For a number of years in the 1990s, Kleiman was a sworn law enforcement officer for the Palm Beach County
Sheriff's Office (PBSO).[3][4] While there, he attained the rank of detective. Also, while at the PBSO, he worked as a
System Security Analyst in the Computer Crimes Division and also helped set up the Computer Forensics Lab.[3][4]

Dave Kleiman is a regular contributor to a wide array of online forums and mailing lists where he assists network
engineers and other IT professionals of varying levels in solving their issues, regardless of the level of difficulty
involved. Kleiman is also well known as an advisor to engineering professionals in numerous industries.[2][3][4]

Dave also regularly volunteers his time and expertise assisting local and federal law enforcement agencies in cases
both domestic and international in scope.

He is the creator of the "one-shot server lockdown utility" S-lok for Microsoft Windows servers.[3][4]

On January 1, 2007 he was named Microsoft MVP for Windows - Security.


Publications 


• Co-author: Microsoft Log Parser Toolkit; Syngress Publishing; ISBN 1-932266-52-6
• Co-author: Security Log Management: Identifying Patterns in the Chaos; Syngress Publishing; ISBN 1-59749-042-3
• Technical editor: Perfect Passwords: Selection, Protection and Authentication; Syngress Publishing; ISBN 1-59749-041-5
• Technical editor: Winternals Defragmentation, Recovery, and Administration Field Guide; Syngress Publishing; ISBN 1-59749-079-2
• CD and DVD Forensics: Technical Editor, ISBN 1-59749-128-4
• How to Cheat at Windows System Administration: Contributing Author, ISBN 1-59749-105-5
• Enemy at the Water Cooler: Real Life Stories of Insider Threats, Technical Reviewer, ISBN 1-59749-129-2
• Rootkits for Dummies: Technical editor, ISBN 978-0-471-91710-6
• Windows Forensic Analysis Including DVD Toolkit: Technical Editor, ISBN 1-59749-156-X
• The Official CHFI Study Guide (Exam 312-49): Co-Author, ISBN 1-59749-197-7
External links

• Dave Kleiman's personal web site (http://www.davekleiman.com)
• Palm Beach County Sheriff's Office (http://www.pbso.org)
• CastleCops (http://www.castlecops.com)
• Microsoft MVP Program (https://mvp.support.microsoft.com/mvpexecsum)
• Microsoft MVP profile (https://mvp.support.microsoft.com/profile=C4ED32CD-9982-45F2-8636-BDE271C0DAC2)

Retrieved from "http://en.wikipedia.org/w/index.php?title=Dave_Kleiman&oldid=553157307"
Categories: 1967 births | 2013 deaths | People associated with computer security
Craig S Wright

From: Carter Conrad <carter@computerforensicsllc.com>
Sent: Tuesday, 30 April 2013 1:23 AM
To: Patrick Paige
Cc: Bill Long; Greg Kelley; Craig Ball; Matthew Shannon; Jerry Hatchett; Eric Robi; Greg Freemyer; Paul Henry; Craig S. Wright; Scott Moulton; Wayne Marney; Bob Bell; Bill Dean; Kimon Andreou; Greg Kelley
Subject: Dave Kleiman

As close friends of Dave, Patrick and I wanted to let you know in advance of any general posting that we have lost a dear
friend and colleague...

As most of you are aware Dave was battling an infection from 2010, and had never fully recovered in the 2 ½+ years that
followed.

Dave died in his home in Palm Beach Gardens of, what is being told to us, natural causes.

At this time no further details are available, although there are plans for a memorial, and these will be passed on as they
become available.


Carter V Conrad, Jr 

Computer Forensics, LLC 

1880 N. Congress Avenue, Suite 333 
Boynton Beach, Florida 33426 
Phone: (561) 404-3074 

Cell: (561) 502-3935 


www.ComputerForensicsLLC.com 


The information contained in this e-mail message is intended only for the personal and confidential use of the recipient(s) named above. This 
message may be an attorney-client communication and/or work product and as such is privileged and confidential. If the reader of this message is 
not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this 
document in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this 
communication in error, please notify us immediately by e-mail, and delete the original message. 
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Summary 

Address izhRmmSda9qS SEH656zBakEbeisH6ZhdTm 
Short Link nttp://blockchain. info/fo/4 2hrrmam 

Tools Taint Anaiysis - Related Tags - Unspent 
Transactions 


No. Transactions 
Total Received 
Final Balance 
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Transactions 


1PWrde1 JjL8wy6uzKzb5d3pCxkNLyY m5vi1 
TJjixxmbC95sgn5kE2Hm92axA7hcbDkRhkK 


796187f76168cd0ca2ff6c31967 fe28242429cec320e. . 


izhRmmSdaSqSSEH656zBakEbeisH6ZhdTm 
Summary 
Address TMSUVGSSBEipL35CKu7feF4Ha 
Short Link nttp://blockchain.info/fo/imsuv 
Tools Taint Analysis - Related Tags - Unspent 
Transactions 
No. Transactions 2 
Total Received 5 
Final Balance § 0.00 







Transactions 


0127f30f1 1 1S2b3df1 1904401613b1b972a5408682.. 


1B4JidD4jGUW BehtGF2P hb4BxeN2ytk Txh 
1GEeroqocswEazxzeNAJh3KPPD7C61 XY 2H 


62fec42dd4370e0acae88b3fe2a997 0bb56aSd4bitc... 


IMSUVGSQ9BEjpL35CKu7feF4HaP CX2cht7 


blockchain.info/address/1M SU vGS9BEjpL35C Ku7feF 4HaPC Xvecht7 


CONFIDENTIAL 








Filter 


2011-04-29 03:20:56 


2011-04-29 03:20:56 


1/2 
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_ summary 
Address IMSUvGS9BEjpL 35CKu7feF4HaPCKecht7 
Short Link http://blockchain.info/fb/imsuv 
Tools Taint Analysis - Related Tags - Unspent Outputs 
Transactions 
No. Transactions 2 
Total Received 165,140 BTC 
Final Balance 0.00 BTC 







Transactions 


07121730f1 1 152b3dM 1904401613b1b972a5408682. .. 




1B4JidD4;|GUW BehtGF 2Phb4B xeN2y 
1GEerogocswEazxzeNAJh3KPPD7C61XY 2H 


62fec42dd43/0e0aceaeSSb3fe2a99 70bbS6aSd4bi0c... 


IMS UvGS9BEjpL35CKu7feF4HaPCXv2cht7 


blockchain.info/address/1M SUVGS9BEjpL35C Ku7feF4HaPC Xv2cht7 
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Filter 





2011-04-29 03:20:56 


2011-04-29 
Summary 


Address 1Z2zhRmmSdaSqSSEH656zBakEbeisH6ZhdTm 
Short Link http: //blockchain.info/fb/12hrram 


Tools 


Transactions 


No. Transactions 2 


Total Received 334,587.42424242 BTC


Final Balance | 6.00 BTC 







Transactions Filter 





ddb352955903db83f76edb85f2121051859b2f41a3... 2011-08-27 02:29:26 


iPWrSe1JjL8wy6uzKzb5d3pCxkNLYm5vt1 
TujixxmbC9Ssgn5kE2Hm92axA7hcbDkRhK 





796187f76168cd0ca2ffi6c31967fe28242429cec320e... 2011-08-27 0 226 


12hRmmSda9qSSEH656zBakEbeisH6ZhdTm 


blockchain.info/address/12hRmmSda9q SSEH656zBaKEbeisH6ZhdTm 1/2 
Statutory Declaration
OATHS ACT 1900, NSW, EIGHTH SCHEDULE

I, Stephen D'Emilio, of Level 3, 2 Bligh Street, Sydney, in the State of New South Wales,
Solicitor, do solemnly and sincerely declare that:

1. I am the solicitor acting for Mr Craig Wright and Hotwire Pre-emptive Intelligence Pty Ltd.

2. On 11 October 2013, Mr Wright came into my office and showed me his HTC mobile phone (Wright mobile).

3. On the screen of the Wright mobile, I viewed and verified the following Bitcoin wallet addresses:

(i) 1JzzLXxuwn45S9HvBgAhkhWa3GhyG3zm64;

(ii) 168Rc6wJdL4chWhEUQwyywi4sHub6erf2s;

(iii) 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF;

(iv) 1933phfhK3ZgFQNLGSDXvqCn32k2buXY8a; and

(v) 16cou/Ht6WjTzuFyDBnhtShmvxXytg6XdVT (Bitcoin wallet addresses).

4. I viewed the Bitcoin wallet addresses by scrolling down the screen on the Wright mobile.

5. It appeared to me that if Mr Wright wanted to, he could control all of, and make transactions in, the Bitcoin wallet addresses.

6. I make this solemn declaration conscientiously believing the same to be true and by
virtue of the provisions of the Oaths Act 1900.

Declared at Sydney on 11 October 2013

Stephen D’Emilio
in the presence of an authorised witness, who states:

I, Adrian Fong, a solicitor certify the following matters concerning the making of this statutory
declaration by the person who made it:

(i) I saw the face of the person;

(ii) I have known the person for at least 12 months.




11 October 2013 
Craig S Wright
From: BAA Program Support Office <dhsbaa@reisys.com> 
Sent: Wednesday, 2 March 2011 8:56 AM 
To: Craig S. Wright; Craig S. Wright; Craig S. Wright 
Subject: BAA BAA 11-02-TTA 09-0049-WP Upload Received 


Your upload has been received electronically at the DHS BAA Support Office. 

BAA 11-02 Proposal #: BAA 11-02-TTA 09-0049-WP
Proposal Title: Risk Quantification
Company Name: W&K INFO DEFENSE RESEARCH LLC 

White Paper Uploaded on: 03/01/11 04:55 PM EST 
File Name: BAA 11-02-TTA 09-0049-WP Risk Quantification.pdf 
File Type: Portable Document Format 
File Size: 357845 bytes 

Uploaded by: Craig S. Wright 

This is your official confirmation of receipt. Please save this email for your records, as no other receipt will be provided. 

Thank you for your participation in the DHS BAA Program. 

Please login to the portal at https://baa2.st.dhs.gov/portal/BAA/ 


If you have any questions, please contact DHS Technical Support at dhsbaa@reisys.com or call (703) 480-7676 


Sincerely, 
DHS BAA Program Support 


[Handwritten annexure note and witness stamp, largely illegible: NICHOLAS CHARLES McDONALD, Registration 105174]

Craig S Wright
From: BAA Program Support Office <dhsbaa@reisys.com> 
Sent: Wednesday, 2 March 2011 9:00 AM 
To: Craig S. Wright; Craig S. Wright; Craig S. Wright 
Subject: BAA BAA 11-02-TTA 01-0127-WP Upload Received 


Your upload has been received electronically at the DHS BAA Support Office. 
BAA 11-02 Proposal #: BAA 11-02-TTA 01-0127-WP 
Proposal Title: Software Assurance through Economic Measures 
Company Name: W&K INFO DEFENSE RESEARCH LLC 
White Paper Uploaded on: 03/01/11 04:59 PM EST 
File Name: BAA 11-02-TTA 01-0127-WP Software Assurance through Economic Measures.pdf 
File Type: Portable Document Format 
File Size: 290708 bytes 
Uploaded by: Craig S. Wright 


This is your official confirmation of receipt. Please save this email for your records, as no other receipt will be provided. 


Thank you for your participation in the DHS BAA Program. 


Please login to the portal at https://baa2.st.dhs.gov/portal/BAA/ 


If you have any questions, please contact DHS Technical Support at dhsbaa@reisys.com or call (703) 480-7676 


Sincerely, 
DHS BAA Program Support 
Craig S Wright
From: BAA Program Support Office <dhsbaa@reisys.com> 
Sent: Wednesday, 2 March 2011 10:46 AM 
To: Wright, Craig S.; Wright, Craig S.; Wright, Craig S. 
Subject: Submission confirmation of your DHS BAA Program Proposal # BAA 11-02-TTA 01-0127-WP


Your proposal has been received electronically at the DHS Program Support Office. 


BAA 11-02 White Paper Proposal #: BAA 11-02-TTA 01-0127-WP 
Proposal Title: Software Assurance through Economic Measures 
Company Name: W&K INFO DEFENSE RESEARCH LLC 


Proposal Details: 
Cover Sheet A completed on: 02/16/11 02:33 AM EST 
Cover Sheet B completed on: 02/16/11 12:50 AM EST 
White Paper Upload completed on: 03/01/11 04:59 PM EST 
File Name: BAA 11-02-TTA 01-0127-WP Software Assurance through Economic Measures.pdf 
File Type: Portable Document Format 
File Size: 283 KB bytes 
Submitted electronically by: Wright, Craig S. 
This is your official confirmation of receipt. Please save this email for your records, as no other receipt will be provided. 
Thank you for your participation in the DHS BAA Program. 
Please login to the portal at https://baa2.st.dhs.gov/portal/BAA/ 
If you have any questions, please contact DHS Technical Support at dhsbaa@reisys.com or call (703) 480-7676 


Sincerely, 
DHS BAA Program Support 


Craig S Wright
From: BAA Program Support Office <dhsbaa@reisys.com>
Sent: Wednesday, 2 March 2011 10:53 AM
To: Wright, Craig S.; Wright, Craig S.; Wright, Craig S.
Subject: Submission confirmation of your DHS BAA Program Proposal # BAA 11-02-TTA 09-0049-WP


Your proposal has been received electronically at the DHS Program Support Office. 


BAA 11-02 White Paper Proposal #: BAA 11-02-TTA 09-0049-WP 
Proposal Title: Risk Quantification 
Company Name: W&K INFO DEFENSE RESEARCH LLC 


Proposal Details: 
Cover Sheet A completed on: 02/16/11 02:30 AM EST 
Cover Sheet B completed on: 02/16/11 01:22 AM EST 
White Paper Upload completed on: 03/01/11 04:55 PM EST 
File Name: BAA 11-02-TTA 09-0049-WP Risk Quantification.pdf
File Type: Portable Document Format 
File Size: 349 KB bytes 
Submitted electronically by: Wright, Craig S. 
This is your official confirmation of receipt. Please save this email for your records, as no other receipt will be provided. 
Thank you for your participation in the DHS BAA Program. 
Please login to the portal at https://baa2.st.dhs.gov/portal/BAA/ 
If you have any questions, please contact DHS Technical Support at dhsbaa@reisys.com or call (703) 480-7676 


Sincerely, 
DHS BAA Program Support 


DHS Broad Agency Announcements (BAA) Program Portal 

Registration Form 


Please do not register yourself MORE THAN ONCE! 


BAA Program 


Fill in your registration information below. If there are errors on the registration form, you will be asked to re-enter the Company PIN 
and user password. (Note: For security reason, this page will expire after 20 minutes of inactivity.) 





* Required Information 
COMPANY INFORMATION

*Company Name: W&K INFO DEFENSE RESEARCH LLC
TIN: 274997114
*Address (Line 1): 4371 Norhtlake Blvd #314 (... mail us if you need to modify)
Address (Line 2):
*City: Palm Beach
State: FL
*ZIP +4: 33410 - 6253 (Need help for ZIP+4?)
*Phone: 561-310-8801 (Company's Phone and Fax. Enter only numbers)
*CEO/President's E-mail: dave@davekleiman.com
DUNS + 4: (What is DUNS? 9-digit Data Universal Number System plus a 4-digit suffix given by parent concern)
CAGE Code: (How do I get a CAGE?)
SIC: (What is a SIC?)
FICE: (What is a FICE?)
Company URL: http://www.information-defense.com/ (http://www.example.com)
*Year of Company Founded: 2011
*Company PIN: [masked] (Why do you need a PIN? Should be all numeric; no blank spaces allowed. Length must be between 4-6 numbers.)
*Confirm Company PIN: [masked]

COMPANY POINT OF CONTACT INFORMATION

*Salutation: Mr.
*First Name: Craig
Middle Initial: S
*Last Name: Wright
*Title: Lead Researcher
*Phone: 61 (417) 683 914 Ext: (Enter only numbers)
Fax:
*E-mail Address: craig.wright@information-defense.c (Important! Fill out carefully)
*Confirm E-mail Address: craig.wright@information-defense.c (Re-enter E-mail Address)

USER INFORMATION

Check here if you are also the Company Point Of Contact. (This will pre-populate your information.)

*Salutation: Mr.
*First Name: Craig
Middle Initial: S
*Last Name: Wright
*Title: Lead Researcher
*Phone: 61 (417) 683 914 Ext: (Enter only numbers)
*E-mail Address: craig.wright@information-defense.c (Important! Fill out carefully)
*Confirm E-mail Address: craig.wright@information-defense.c (Re-enter E-mail Address)
*Username: CraigWright (Only alphanumeric characters and underscores are allowed. Username must be at least 8 characters.)
*Password: [masked] (Your password must be at least 8 characters long and must have an upper case, a lower case, a number, and a special character. Your new password cannot repeat any of your 8 previous passwords.)
*Confirm Password: [masked]
PIN Contact: Check here if you want to list yourself as a contact for Company's PIN.

Additional Authentication (used if you forget your password)

*Select your question: Who is your favorite person? (You will be prompted with this question and a new password will be issued automatically if your answer matches the one you give here)
*Answer to question: Myself

* Required Information

(7/07)


U.S. Department of Homeland Security
Science & Technology
Craig S Wright


From: Dave Kleiman <dave@davekleiman.com> 
Sent: Wednesday, 16 February 2011 2:22 PM 
To: craig.wright@Information-defense.com 
Cc: lynn.wright@information-defense.com
Subject: RE: Registration - TTA1
Attachments: W&K Info Defense Research LLC - 08.pdf
Importance: High

Look over the attached real quickly.

Let me know if it is ok.

Or should the PoC be in the US?? I see a non US vendor on the list.
Pay special attention to "Additional Authentication"


Dave 


From: Craig S Wright [mailto:craig.wright@information-defense.com] 
Sent: Tuesday, February 15, 2011 22:04 


To: Dave Kleiman 
Subject: RE: Registration - TTA1 


51 Cowangarra Rd 
Bagnoo, New South Wales, 2446 
AU 


The other is not any longer 


From: Dave Kleiman [mailto:dave@davekleiman.com] 
Sent: Wednesday, 16 February 2011 1:08 PM 


To: craig.wright@Information-defense.com; lynn.wright@information-defense.com 
Subject: RE: Registration - TTA1 

Are either of these your current address? 

51 Cowangarra Rd 

Bagnoo, New South Wales, 2446 


AU 


Level 19, 2 Market Street 
Sydney, NSW 2000 
AU


-----Original Message----- 

From: Dave Kleiman 

Sent: Tuesday, February 15, 2011 14:13 

To: 'craig.wright@Information-defense.com’; ‘lynn.wright@information-defense.com’ 
Subject: RE: Registration - TTA1 


It is under vendor registration that it requested DUNS see: 
-//www.fbo.gov/?s=main&modezlist&tab=register&subtab 





Dave 


From: Dave Kleiman 

Sent: Tuesday, February 15, 2011 07:29 

To: 'craig.wright@Information-defense.com’; ‘lynn.wright@information-defense.com’ 
Subject: RE: Registration - TTA1 

Importance: High 


Last page of attached. Do you think I can list you as mgr or mgrm with a foreign address, or you think they would kick it 
back? 


Dave 


From: Dave Kleiman 
Sent: Tuesday, February 15, 2011 06:35 


To: 'craig.wright@Information-defense.com’; lynn.wright@information-defense.com 
Subject: RE: Registration - TTA1 


Did you already create a username and password? 


From: Craig S Wright [mailto:craig.wright@information-defense.com] 
Sent: Tuesday, February 15, 2011 04:48 


To: Dave Kleiman; lynn.wright@information-defense.com 
Subject: Registration - TTA1 


The first is to do with the attached papers... 


TTA 01
<httos://baa2.st.dhs.gov/portal/action/processRequest.action ?eurl=-AAAAAAEytBoAAAEuKK8xREAUQUVTLONCQyS9QS0 
NTNVBhZGRpbmcAgAAQABAAAQIDBAUGBwelCesMDO4PAAAAYMUP8ssYOu8SxeEfoomaq%2F3izhM%2F3rhiRC7iE1fh3 
miIMXOKybniNrHVavYBxleeYUN3%2F6NSLR&8PelISRUIOV6vICWkXCDFPva9gwzP%2 BLENcP3DCCUZ%2 FICxvX0415tuR%2B 


tigAU7aqgi30%2B%2FBa8MygMsxUmvQKEcduQ%3D#HO> - Software Assurance 








White paper title Software assurance through economic measures 


This also leads to the following one with:


TTA 14 


<https://baa2.st.dhs.gov/portal/action/processRequest.action?eurl=AAAAAAEytBoAAAEuKK8xREAUQUVTLONCQY9QS0 
NTNVBhZGRpbmcAgAAQABAAAQIDBAUGBweJCgsMDQ4PAAAAYMUP8ssYOu8SxeEfopmg%2F3izhM%2F3rhjiRC7iIE1fh3q 


miMXOKybniNrHVavYBxleeYUN3%2FENSLR8&PelSRUjOV6vicWkXCDFPvqSgwzP%2BLENcP3DCcUZ%2FiCxvxX0415tuR%2B 
tigAU7aqgi30%2B%2FBa8MygMsxUmvOKEcsuQ%3D#13> - Software Assurance MarketPlace (SWAMP) 


White paper title Software derivative markets 
And 


Information Security risk markets 


Greyfog (last email) should also come under TTA 05 


<https://baa2.st.dhs.gov/portal/action/processRequest.action? eurlz=AAAAAAEyVtBoAAAEUKK8xREAUQUVTLONCQy9QS0 

NTNVBhZGRpbmcAgAAQABAAAQIDBAUGBwgJCgsMDQ4PAAAAYMUP8ssYOu8SxeEfopmg%2F3izhM%2F3rhiRC7iE1fh3q 
miMxXOKybniNrHVavYBxleeYUN3%2FENSLR8PelSRUjOy6vicWkXCDFPvg9ewzP%2BLENcP3DCcUZ%2FiCxvX0415tuR%2B 
tigAU7aqi30%2B%2FBas8MygMsxUmvOKEcduQ%3D#4> - Secure, Resilient Systems and Networks 


Dr. Craig S Wright <http://gse-compliance.blogspot.com/> GSE-Malware, GSE-Compliance, LLM, & ... 


Information Defense <http://www.information-defense.com/> Pty Ltd 


Mobile: 0417 683 914 


Proposal White Paper (Type I)
BAA number: BAA 11-02-TTA 01-0127-WP
Title of proposal: Software Assurance through Economic Measures
Name of offeror: W&K INFO DEFENSE RESEARCH LLC
Administrative Contact: Dave Kleiman 
Company Name: W&K INFO DEFENSE RESEARCH LLC 


Mailing Address (Line 1): 4371 Norhtlake Blvd #314 
Mailing Address (Line 2): 


City: Palm Beach 

State & Zip Code: FL 33410 - 6253 

Phone: 5613108801 

Fax: NA 

TIN: 274997114 

Technical Contact: Craig Wright 

Company Name: W&K INFO DEFENSE RESEARCH LLC 


Mailing Address (Line 1): 4371 Norhtlake Blvd #314 
Mailing Address (Line 2):


City: Palm Beach 
State & Zip Code: FL 33410 - 6253 
Phone: +61 2 4362 1512 
Fax: NA 

TIN: 274997114 


W&K INFO DEFENSE RESEARCH LLC is a Joint Venture Company between a US Vet. 
Owned Enterprise and an Australian Research Company. 


Amount Requested (in dollars): $650000.00 
Duration: 4 36 months 
Requested Starting Date: 07/04/2011 
Business Type: Small Business 
Executive Summary


The deficiency of published quantitative data on software development and systems design has 
been a major ground for software engineering’s failure to ascertain a proper scientific 
foundation. Past studies into coding practice have focused on software vendors. These 
developers have many distinctions from in-house projects that are not incorporated into the 
practices and do not align well with in-house corporate code development. In the past, building 
software was the only option but as the industry developed, the build vs. buy argument has 
swung back towards in-house development with the uptake of Internet connected systems. In 
general, this has been targeted towards specialized web databases and online systems with office 
systems and mainstream commercial applications becoming a ‘buy’ decision. 


As companies move more and more to using the web and as ‘cloud applications’ become 
accepted, in-house development is becoming more common. This paper uses an empirical study 
of in-house software coding practices in Australian companies to both demonstrate that there is 
an economic limit to how far testing should proceed as well as noting the deficiencies in the 
existing approaches. 


1.1 Related Work 


Other studies of coding processes and reliability have been conducted over the last few decades.
The majority of these have been based either on studies of large systems and mainframe based
operations or have analyzed software vendors. In the few cases where coding practices within
individual organizations have been quantitatively analyzed, the organizations have nearly
always been large telecommunications firms or the studies have focused on SCADA and other
critical system providers.


Whilst these results are extremely valuable, they fail to reflect the state of affairs within the vast 
majority of organizations. With far more small to medium businesses coupled with 
comparatively few large organizations with highly focused and dedicated large scale 
development teams (as can be found in any software vendor), an analysis of in-house practice is 
critical to both security and the economics of in-house coding. 


As the Internet becomes all-pervasive, internal coding functions are only likely to become more
prevalent and hence more crucial to the security of the organization.


1.2 Our contribution 

We intend to present an analysis using empirical studies to determine and model the cost of
finding, testing and fixing software bugs. We model the discovery of bugs or vulnerabilities
using quantitative functions and calculate the defect rate per SLOC (source lines of code) using
Bayesian calculations.

The end solution to the limited and sub-optimal markets that currently exist would be the
creation of Hedge funds for software security. Sales in software security based derivatives could
be created on forward contracts. One such solution is the issuing of paired contracts (such as
exist in short sales of stocks). The first contract would be taken by a user and would pay a fixed
amount if the software has suffered from any unmitigated vulnerabilities on the (forward) date
specified in the contract. The paired contract would cover the vendor. If the vendor creates
software without flaws (or at least mitigates all easily determinable flaws prior to the inception
of the contract) the contract pays them the same amount as the first contract.

This is in effect a 'bet' that the software will perform effectively. If a bug is discovered, the user
is paid a predetermined amount. This amount can be determined by the user to cover the
expected costs of patching and any consequential damages (if so desired). This allows the user to
select their own risk position by purchasing more or less risk as suits both the risk tolerance and
the nature of the user's systems.

Such a derivative (if an open market is allowed to exist) would indicate the consensus opinion as
to the security of the software and the reputation of the vendor. Such an instrument would allow
software vendors and users to hedge the risks faced by undiscovered software vulnerabilities.
These instruments would also be in the interest of the software vendor's investors as the ability to
manage risk in advance would allow for forward financial planning and limit the negative impact
that vulnerability discovery has on the quoted prices of a vendor's capital.

This project will model the security of software coding practices in a manner that will lead to
fewer economic externalities.

Utility to Department of Homeland Security 


The game theoretic approach to this can be modeled looking at the incentives of the business and 
programming functions in the organization. Programmers are optimists. As Brooks noted, "the 
first assumption that underlies the scheduling of systems programming is that all will go well". 
Testing is rarely considered by the normal programmer as this would imply failure. However, the 
human inability to create perfection leads to the introductions of flaws at each stage of 
development. 


Technical Approach 


Just as car dealers buff the exterior and detail the upholstery of a used car, neglecting the work 
that should be done on the engine, software vendors add features. Most users are unlikely to use 
even a small fraction of these features, yet they buy the product that offers more features over the 
more secure product with fewer features. The issue here is that users buy the features over 
security. This is a less expensive option for the vendor to implement and provide. 


The creation of a security and risk derivative should change this. The user would have an upfront 
estimate of the costs and this could be forced back to the software vendor. Where the derivative 
costs more than testing, the vendor would conduct more in-depth testing and reduce the levels of 
bugs. This would most likely lead to product differentiation (as occurred in the past with 
Windows 95/Windows NT). Those businesses who wish to pay for security could receive it. 
Those wanting features would get what they asked for. 
It is argued that software developers characteristically do not correct all the security
vulnerabilities and that known ones remain in the product after release. Whether this is due to a
lack of resources or other reasons, this is unlikely to be the norm and would be rectified by the
market. The cost to vendors in share price and reputational losses exceeds the perceived gains
from technical reasons where the fix might break existing applications. The application is already
broken in the instance of a security vulnerability.

Users could still run older versions of software and have few, if any, bugs. The issue is that they
would also gain no new features. It is clear that users want features. They could also choose to 
use only secure software, but the costs of doing so far outweigh the benefits and do not provide a 
guarantee against the security of a system being compromised. As such, the enforced legislation 
of security standards against software vendors is detrimental. A better approach would be to 
allow an open market based system where vendors can operate in reputational and derivative 
markets. 


At the end of any analysis, security is a risk function and what is most important is not the 
creation of perfectly security systems, but the correct allocation of scarce resources. Systems 
need to be created that allow the end user to determine their own acceptable level of risk based 
on good information. 


The goal of this research project is to create a series of quantitative models for information
security that can be used to create a software security derivative and insurance market. 
Mathematical modeling techniques that can be used to model and predict information security 
risk will be developed using a combination of techniques including: 


• Economic theory, and Econometrics
• Quantitative financial modeling,
• Behavioral Economics,
• Algorithmic game theory and
• Statistical hazard/survival models.


The models will account for heteroscedastic confounding variables and include appropriate 
transforms such that variance heterogeneity is assured in non-normal distributions. Process 
modeling for integrated Poisson continuous-time process for risk through hazard will be 
developed using a combination of: 


• Business financial data (Company accountancy and other records),
• Anti-Virus Industry data
• Legal databases for tortious and regulatory costs and
• Insurance datasets.


This work and research follows and continues that published as: 


Wright, Craig S. and Zia, Tanveer A. (2010) The Economics of Developing Security
Embedded Software, Proceedings of the 8th Australian Information Security Management
Conference, Edith Cowan University, Perth Western Australia, 30th November 2010
Charles Sturt University
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1101&context=ism
and


Wright, Craig S. (2010) Software, Vendors and Reputation: an analysis of the dilemma in
creating secure software, Proceedings of InTrust 2010 The Second International
Conference on Trusted Systems 13th - 15th December 2010 Beijing, P. R. China
Charles Sturt University
and (forthcoming)


Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics
of Testing Software Bugs, Proceedings of 4th International Conference on Computational
Intelligence in Security for Information Systems CISIS 2011 June 8-10th, 2011


Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure
Alternative: Negative Externalities and the Selection of Security Controls, Proceedings of
4th International Conference on Computational Intelligence in Security for Information
Systems CISIS 2011 June 8-10th, 2011


Personnel and Performer Qualifications and Experience 
Craig S Wright (Full CV too long and is available on request)


Over the years Craig has personally conducted and managed in excess of 1,600 IT security related 
engagements for more than 180 Australian and international organizations in both the private and 
government sectors. As a strong believer in life-long learning, Craig has qualifications in Law, IT, 
Mathematics and Business. However, his driving focus is research and development in the security and 
risk arena. He is the first person to have obtained multiple GSE certifications (Malware and Compliance).
Craig designed the architecture for the world’s first online casino (Lasseter’s Online) in the Northern 
Territory; as well he has, in the past, designed and managed the implementation of many of the systems 
that protect the Australian Stock Exchange. To add to these accomplishments he has authored IT security 
related books and articles as well as designed a new university program for Charles Sturt University in 
New South Wales, Australia which will offer a Master in Digital Forensics. This program commenced in 
2010 and is offered as an on campus and distance education program.


Dave Kleiman (http://en.wikipedia.org/wiki/Dave_Kleiman)


Dave Kleiman is a noted Forensic Computer Investigator, an author/coauthor of multiple books and a
noted speaker at security related events.


Bob Radvanovsky, CIFI, CISM, REM, CIPS, Infracritical, Inc.

Principal, SCADA expert and Author

(chapter author) of "Corporate Hacking and Technology-driven Crime: Social Dynamics and
Implication", ISBN 1616928050 and 9781616928056, Information Science Publishing, July 2010.

URL: http://www.amazon.com/Corporate-Hacking-Technology-driven-Crime-Implications/dp/1616928050

"Challenges Faced by the SCADASEC Mailing List", Protecting Canada's Critical Infrastructure 2010
Control Systems Security Workshop, sponsored by Royal Canadian Mounted Police (Ontario
Technological Crime), Public Safety Canada and Emergency Management Ontario (Critical Infrastructure
Assurance Program), Wednesday April 14, 2010 and Thursday, April 15, 2010.

URL: http://www.infracritical.com/papers/scadasec-2010-review.zip

Author of "Critical Infrastructure: Homeland Security and Emergency Preparedness", Second Edition,
ISBN 1420095277 and 9781420095272, Taylor & Francis CRC Press, December 2009.

URL: http://www.amazon.co.uk/Critical-Infrastructure-Homeland-Emergency-Preparedness/dp/1420095277

Contributor (introduction speaker) of "The Year in Homeland Security", 2008/2009 Edition (Charles
Oldham, editor director), Faircount Media Group.

URL: http://viewer.zmags.com/publication/d1408139#/d1408139/12

Author (co-author) of "Transportation Systems Security", ISBN 1420063782 and 9781420063783, Taylor
and Francis CRC Press, May 2008.

URL: http://www.amazon.com/Transportation-Systems-Security-Allan-McDougall/dp/1420063782


Commercialization Capabilities and Plan 


The principals are experienced researchers and businessmen in the realm of Information
Security. The research will be conducted in conjunction with Charles Sturt University and will 
follow the standard commercialization processes of the University (these processes are available 
online). Further, this project will create a large body of public and academic knowledge and 
scientific research that could also be used by other companies and Universities in the creation of 
further models and structures that will lead to the securing of more systems again. 


Costs, Work, and Schedule 
Amount Requested (in dollars): $650,000.00 


Duration: 36 months 


The funding request will provide full scholarships and positions for three (3) PhD candidates to 
aid in the research and investigation of software security issues and solutions, the creation of
economic models and the publication of an expected 20-30 papers in this field. 


The period is set to three years which includes the completion of the PhD projects and the 
creation of the market, insurance and derivative models. 


• PhD Funding $240,000
• Supervision $180,000
• Survey and data Analysis $230,000
BAA Number: BAA 11-02-TTA 01-0127-WP
Offeror Name: W&K INFO DEFENSE RESEARCH LLC
Title: Software Assurance through Economic Measures
Date: 07/04/2010

N/A

Operational Capability:
The project will analyze a sample of at least 1,000
coding projects using existing static analysis tools,
manual code review and related techniques. Where
these methods are lacking, proposals and methods
to integrate existing methods and to fill the gaps
left will be created.

Proposed Technical Approach:
This project will address and provide measures and
The analysis will measure the following coding
errors:

• Format string errors
• Integer Overflows
• Buffer overruns
• SQL Injection
• Cross-Site scripting
• Race Conditions
• Command Injection.

A means to measure and predict the following
coding errors is being developed

• Format string errors
• Integer Overflows
• Buffer overruns
• SQL Injection
• Cross-Site scripting
• Race Conditions
• Command Injection.

Schedule, Cost, Deliverables, & Contact Info:
Provide any milestone decision points that will be
required. Describe period of performance and total
costs. Include the base performance period cost and
length, and estimates of cost and lengths of
possible option.

Deliverables:
• 20-30 published papers
• 3 PhD Thesis' in the field
• A commercial model for software derivatives and
insurance markets

Several published papers have been released
(forthcoming include)

Wright, Craig S. and Zia, Tanveer A
(2011) A Quantitative Analysis into the
Economics of Testing Software Bugs,
Proceedings of 4th International
Conference on Computational
Intelligence in Security for Information
Systems CISIS 2011 June 8-10th, 2011

Wright, Craig S. and Zia, Tanveer A
(2011) A Rationally Opting for the
Insecure Alternative: Negative
Externalities and the Selection of
Security Controls, Proceedings of 4th
International Conference on
Computational Intelligence in Security
for Information Systems CISIS 2011
June 8-10th, 2011

Corporate Information:
Dave Kleiman
W&K INFO DEFENSE RESEARCH LLC
4371 Norhtlake Blvd #314
Palm Beach
FL 33410 - 6253
Phone: 5613108801
Email: dave@davekleiman.com

Authorized Representative: Craig Wright
Signature:
Proposal White Paper (Type D)

BAA number: BAA 11-02-TTA 09-0049-WP
Title of proposal: Risk Quantification
Name of offeror: W&K INFO DEFENSE RESEARCH LLC

Administrative Contact: Dave Kleiman
Company Name: W&K INFO DEFENSE RESEARCH LLC
Mailing Address (Line 1): 4371 Norhtlake Blvd #314
Mailing Address (Line 2):
City: Palm Beach
State & Zip Code: FL 33410 - 6253
Phone: 5613108801
Fax: NA
TIN: 274997114

Technical Contact: Craig Wright
Company Name: W&K INFO DEFENSE RESEARCH LLC
Mailing Address (Line 1): 4371 Norhtlake Blvd #314
Mailing Address (Line 2):
City: Palm Beach
State & Zip Code: FL 33410 - 6253
Phone: +61 2 4362 1512
Fax: NA
TIN: 274997114

W&K INFO DEFENSE RESEARCH LLC is a Joint Venture Company between a US Vet.
Owned Enterprise and an Australian Research Company.


Amount Requested (in dollars): $2,200,000.00 
Duration: 36 months 
Requested Starting Date: 07/04/2011 


Business Type: Small Business


Executive Summary


Using empirical evidence, this research aims to investigate and quantify the root cause of 
security flaws that act as a source of system compromise. Research into the effects of poor 
system design, market based risk solutions based on derivative instruments and the impact of 
common system misconfigurations will be incorporated into multivariate survival models. This 
research incorporates the economic impact of various decisions as a means of determining the 
optimal distribution of costs and liability when applied to information security and in particular 
when assigning costs in computer system security and reliability engineering. 


The objective of this research is to produce an innovative modelling architecture designed 
around information systems security and risk based reliability and survivability analysis. The 
objectives of the research are:


(1) To address the critical limitations (Jeanblanc & Valchev, 2005) that are associated with 
reliability engineering in regards to computer systems. This will be completed with 
competing risks analysis and multivariate survival analysis coupled with a game theoretic 
approach. Data collected from an analysis of systems in the field will be used to test 
assumptions. These assumptions (Marti, 2008) include: 


a. constant and homogenous failure rates, 
b. binary failure and univariate reliability, 
c. censoring of failure data, and 

d. independent failures. 

(2) To produce a methodology for the creation and testing of hazard and survival models for 
information systems. This will become a risk based quantitative approach to reliability and 
survivability engineering. 

(3) To incorporate methods that represent the effects of misaligned incentives and their 
consequence to security controls. 


To do this, it is necessary to recognise that information security is a risk function (Anderson, 
Longley & Kwok, 1994). Paying for too much security can be more damaging in economic terms 
than not buying enough. This leads to decisions about where the optimal expenditure on damage 
prevention should lie. This research will investigate who should be responsible for the security 
failures that are affecting the economy and society and how can this be maximized in order to 
minimize negative externalities (Cohen, 1976). The conclusions will be presented using an 
empirical study of software hazard rates and audit failures along with the question of how to 
enforce liability in a global economy. 


The research is intended to address some of the economic issues that are arising due to an 
inability to assign risk correctly, a failure to measure risk as well as looking at the misalignment
of information systems audit and the compliance regime. The externalities that restrict the 
development of secure software and how the failure of the end user to apply controls makes it 
less probable that a software vendor will enforce stricter programming controls with failures in 
the audit and measurement processes are addressed. This includes a look at the misalignment of 
audit to security. This misalignment is demonstrated to result from the drawing of funds from 
security in order to provide compliance with little true economic gain (Wright, 2010). 


The introduction of Game Theory and Behavioural Economics (Anderson, 2001; Anderson &
Moore, 2006; Varian, 2004) has created a foundation for the rationalisation of information
security processes which lead to improved allocation of economic resources. The optimal
distribution of economic resources across risk allocations in information systems can only lead to
a combination of more secure systems for a lower overall cost. This research will incorporate the
game theoretic multi-player decision problem. Agents in the model will be deemed to be rational
with well-defined preferences, include the ability to reason strategically using their knowledge
and belief of other players and to act according to a combination of both economic "first
thought" and deep strategic thinking (Nissan, et. al., 2007). Solutions to these models will be
sought through a combination of the following game devices:


• Equilibrium: evolutive (steady state) games
• Heterogeneous sequential games
• Rationalisability: deductive reasoning

The models will detail the existence of strictly dominating games where these exist in 
information security practices and propose methods to improve these models. Existing 
information security practices in existing organisations will be classified into the following game 
types: 

• Non-cooperative vs. cooperative game
• Strategic vs. extensive game
• Perfect vs. imperfect information

Bounded rationality, behavioural game aspects and other feedback effects will be investigated 
(Nissan, et. al., 2007). Social capital based on fairness and reciprocity will be defined as it 
applies to the economically efficient application of risk processes associated with Information 
systems. Contract Theory will be used to explain the creation of agreements and “contracts” in 
the presence of information asymmetry. This is approached through the combination of adverse 
selection, moral hazards and the "signalling game". In this, adverse selection is defined as the
"Principal not having been informed of the other agent's private information ex-ante" such as in
George Akerlof's "Market for lemons" (1970). This application of game theory has been asserted
to explain many aspects of the software industry's predisposition to create insecure software
(Anderson, 2001). Arora, Telang and Xu (2004) asserted that a market-based mechanism for
software vulnerabilities would necessarily underperform a CERT-type mechanism. The market
that they used was a game theoretic pricing game. In the model reported, the players in the
market do not report their prices¹. These players use a model where information is distributed
simultaneously to the client of the player and the vendor. The CERT model was touted as being 
the most favourable solution. The research will demonstrate that the examined "market" model is 
in itself sub-optimal. It both creates incentives to leak information without proper safeguards and 
creates vulnerability black-markets that rely on waiting until a patch was publicly released and
only then releasing the patch to the public. This ignores many externalities and assumes the only 
control is a patch in place of other alternative compensating controls. It is to be demonstrated 
that there are flaws with this approach that can be solved through the creation of a security and 
risk derivative market for software. The user would have an upfront estimate of the costs and this 
could be forced back to the software vendor. Where the derivative costs more than testing, the 
vendor would conduct more in-depth testing and reduce the levels of bugs (Bacon et. al. 2009). 


¹ E.g., iDefense Ltd. and other similar providers have a semi-closed market with limited information exchange.


1.2 Our contribution and Technical Approach


We intend to present an analysis using empirical studies to determine and model the cost of
finding, testing and fixing security vulnerabilities. The goal of this research project is to create a
series of quantitative models for information security. Mathematical modelling techniques that
can be used to model and predict information security risk will be developed using a
combination of techniques including:


• Economic theory, and Econometrics
• Quantitative financial modelling,
• Behavioural Economics,
• Algorithmic game theory and
• Statistical hazard/survival models.


The models will account for heteroscedastic confounding variables and include appropriate 
transforms such that variance heterogeneity is assured in non-normal distributions. Process 
modelling for integrated Poisson continuous-time process for risk through hazard will be 
developed using a combination of: 


• Business financial data (company accountancy and other records),
• Anti-Virus Industry data
• Legal databases for tortious and regulatory costs and
• Insurance datasets.


This data will be coupled with hazard models created and validated using Honeynets (e.g. Project 
Honeynet), reporting sites such as the Internet Storm Centre and iDefence. The combination of 
this information will provide the framework for a truly quantitative security risk framework². At
present, the DShield storm centre receives logging from over 600,000 organisations. This
represents a larger quantity of data than is used for actuarial data in the home insurance industry.
The problem is that this information is not collated or analysed in any quantitatively sound
manner. This research will model survival times for types of applications using the body of 
research into quantitative code analysis for risk. The research will create a series of models (such 
as those used within mechanical engineering, material science etc) for Information Risk. 


Some of the methods that are planned for testing in the creation of the risk framework will include:


• Random forest clustering,
• K-means analysis,
• Other classification algorithms, and
• Network associative maps in text analysis forensic work.


The correlation of reference data (such as IP and functional analysis data) between C&C 
(Command and Control) systems used in “botnets” is one aspect of this research. Starting from 
the outside (the cloud and perimeter) and working inwards to the network, the risk model would 
start by assessing external threats and move into internal threat sources, becoming gradually
more and more granular as one moves from network to individual hosts and finally to
people (user behaviour (Varian, 2004)) and application modelling (Guo, Jarrow, & Zeng, 2005). 
The eventual result will be the creation of a model that can incorporate the type of organisation, 
size, location, application, systems used, and the user awareness levels to create a truly 
quantitative risk model. This would be reported with SE (standard error) and confidence level 
rather than a point estimate. Code to import data from hosts and networks, using raw "pcap
traces"³ will be developed such that system statistics and other data can be collated into a
standardised format. This code will be developed in "R" and "C++". This will enable the
creation and release of actuarial threat risk models that incorporate heterogeneous tendencies in
variance across multidimensional determinants while maintaining parsimony. I foresee a
combination of Heteroscedastic predictors (GARCH/ARIMA etc) coupled with non-parametric
survival models. I expect that this will result in a model where the underlying hazard rate (rather
than survival time) is a function of the independent variables (covariates). Cox's Proportional
Hazard Model with Time-Dependent Covariates would be a starting point, going to
non-parametric methods if necessary. The end goal will be to create a framework and possibly a
program that can assess a data stream based on a number of dependent variables (Threat models,
system survival etc) and covariates and return a quantified risk forecast and standard error.


² Support has been sought and received from SANS (including DShield), CIS (Centre for Internet Security) and the
Honeynet project.
³ Pcap is a packet capture standard supported by both open source and commercial network capture equipment.


Utility to Department of Homeland Security 


When a system fails, it often can fail in numerous ways with several causes for the failure 
(Crowder 2001). Censored observation management can be considered the principal factor 
influencing survival analysis. Survival analysis has developed rigorous procedures and
methods effective for the treatment of censored data based on probability theory, asymptotic
counting and stochastic process as well as the Martingale central limit theorem. References to the
univariate analysis of survival are found in Cox (1972), Cox and Oakes (1984), Fleming and
Harrington (1991), Andersen et al (1993), Kalbfleisch and Prentice (1980, 2002), Klein and 
Moeschberger (2003), Ibrahim et al. (2005), Lawless (1982, 2003), Ma and Krings (2008). 
Modeling risk allows it to be measured and controlled. 
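
The treatment of censored observations and the reporting of an estimate with its standard error, described above, can be illustrated with a Kaplan-Meier product-limit estimator and Greenwood's formula, a simpler non-parametric relative of the Cox model the proposal names. This is an added example, not code from the proposal; it is written in Python rather than the R and C++ the proposal plans to use, and the host observations are constructed sample values.

```python
import math
from collections import Counter

# Constructed sample, not real data: (days under observation, compromised?).
# False means the host was still uncompromised when observation stopped
# (study ended, host decommissioned), i.e. a right-censored record.
OBSERVATIONS = [
    (1, True), (2, True), (2, False), (4, True), (5, False),
    (6, True), (6, True), (9, False), (10, True), (10, False),
]


def kaplan_meier(observations):
    """Return [(time, survival, std_err)] at each time with a compromise.

    survival is the Kaplan-Meier product-limit estimate of P(T > time);
    std_err comes from Greenwood's formula.
    """
    events = Counter(t for t, failed in observations if failed)
    exits = Counter(t for t, _ in observations)
    at_risk = len(observations)
    survival, greenwood = 1.0, 0.0
    curve = []
    for t in sorted(exits):
        d = events.get(t, 0)
        if d and d == at_risk:
            # Every remaining host failed: S drops to 0 and Greenwood's
            # term is undefined, so the curve is pinned at (0, 0).
            survival, greenwood = 0.0, 0.0
            curve.append((t, 0.0, 0.0))
        elif d:
            survival *= (at_risk - d) / at_risk
            greenwood += d / (at_risk * (at_risk - d))
            curve.append((t, survival, survival * math.sqrt(greenwood)))
        # Hosts censored at t count as at risk at t and leave afterwards.
        at_risk -= exits[t]
    return curve


def survival_at(curve, t):
    """Step-function lookup: (survival, std_err) in force at time t."""
    estimate = (1.0, 0.0)
    for time, s, se in curve:
        if time > t:
            break
        estimate = (s, se)
    return estimate


def confidence_interval(curve, t, z=1.96):
    """Plain (linear) interval S +/- z*SE, clipped to [0, 1]."""
    s, se = survival_at(curve, t)
    return max(0.0, s - z * se), min(1.0, s + z * se)


def naive_survival(observations, t):
    """Biased shortcut: treats every censoring time as a failure time."""
    return sum(1 for time, _ in observations if time > t) / len(observations)


if __name__ == "__main__":
    curve = kaplan_meier(OBSERVATIONS)
    for time, s, se in curve:
        print(f"day {time:>2}: S={s:.3f}  SE={se:.3f}")
    print("naive S(6) =", naive_survival(OBSERVATIONS, 6))
```

Counting censored hosts as failures understates survival at day 6 in this sample, which is the bias that proper censoring treatment removes.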

This work and research follows and continues:

Wright, Craig S. and Zia, Tanveer A. (2010) The Economics of Developing Security
Embedded Software, Proceedings of the 8th Australian Information Security Management
Conference, Edith Cowan University, Perth Western Australia, 30th November 2010
Charles Sturt University
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1101&context=ism
and (forthcoming)

Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics
of Testing Software Bugs, Proceedings of 4th International Conference on Computational
Intelligence in Security for Information Systems CISIS 2011 June 8-10th, 2011

Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure
Alternative: Negative Externalities and the Selection of Security Controls, Proceedings of
4th International Conference on Computational Intelligence in Security for Information
Systems CISIS 2011 June 8-10th, 2011

Personnel and Performer Qualifications and Experience

Craig S Wright (Full CV too long and is available on request)

Over the years Craig has personally conducted and managed in excess of 1,600 IT security related
engagements for more than 180 Australian and international organizations in both the private and
government sectors. As a strong believer in life-long learning, Craig has qualifications in Law, IT,
Mathematics and Business. However, his driving focus is research and development in the security and
risk arena. He is the first person to have obtained multiple GSE certifications (Malware and Compliance).
Craig designed the architecture for the world’s first online casino (Lasseter’s Online) in the Northern
Territory; as well he has, in the past, designed and managed the implementation of many of the systems
that protect the Australian Stock Exchange. To add to these accomplishments he has authored IT security
related books and articles as well as designed a new university program for Charles Sturt University in
New South Wales, Australia which will offer a Master in Digital Forensics. This program commenced in
2010 and is offered as an on campus and distance education program.


Dave Kleiman (http://en.wikipedia.org/wiki/Dave_Kleiman) 


Dave Kleiman is a noted Forensic Computer Investigator, an author/coauthor of multiple books and a
noted speaker at security related events.


Bob Radvanovsky, CIFI, CISM, REM, CIPS, Infracritical, Inc.
Principal, SCADA expert and Author


URL: http://www.amazon.com/Corporate-Hacking-Technology-driven-Crime-Implications/dp/1616928050


URL: http://www.infracritical.com/papers/scadasec-2010-review.zip


URL: http://www.amazon.co.uk/Critical-Infrastructure-Homeland-Emergency-Preparedness/dp/1420095277


URL: http://viewer.zmags.com/publication/d1408139#/d1408139/12


URL: http://www.amazon.com/Transportation-Systems-Security-Allan-McDougall/dp/1420063782


Commercialization Capabilities and Plan

The principals are experienced researchers and businessmen in the realm of Information
Security. The research will be conducted in conjunction with Charles Sturt University and will
follow the standard commercialization processes of the University (these processes are available
online). Further, this project will create a large body of public and academic knowledge and
scientific research that could also be used by other companies and Universities in the creation of
further models and structures that will lead to the securing of more systems again.


Costs, Work, and Schedule

Amount Requested (in dollars): $2,200,000.00
Duration: 36 months

The funding request will provide full scholarships and positions for three (3) PhD candidates to
aid in the research and investigation of software security issues and solutions, the creation of
economic models and the publication of an expected 20-30 papers in this field.

The period is set to three years which includes the completion of the PhD projects and the
creation of the market, insurance and derivative models.


• PhD Funding $480,000
• Supervision $350,000
• Survey and data Analysis $230,000
• Research Fellowships (2) $260,000
• Administration $120,000
• Costs (Computational Systems) $660,000
• Support Costs (Coding) $300,000
BAA Number: BAA 11-02-TTA 01-0127-WP
Offeror Name: W&K INFO DEFENSE RESEARCH LLC
Title: Risk Quantification
Date: 07/04/2010

Operational Capability:

Proposed Technical Approach:

The objective of this research is to produce an
innovative modeling architecture designed
around information systems security and risk
based reliability and survivability analysis. The
objectives of the research are:

(1) To address the critical limitations
(Jeanblanc & Valchev, 2005) that are associated
with reliability engineering in regards to
computer systems. This will be completed with
competing risks analysis and multivariate
survival analysis coupled with a game theoretic
approach. Data collected from an analysis of
systems in the field will be used to test
assumptions. These assumptions (Marti, 2008)
include:

a. constant and homogenous failure rates,
b. binary failure and univariate reliability,
c. censoring of failure data, and
d. independent failures.

(2) To produce a methodology for the
creation and testing of hazard and survival
models for information systems. This will
become a risk based quantitative approach to
reliability and survivability engineering.

(3) To incorporate methods that represent
the effects of misaligned incentives and their
consequence to security controls.

Authorized Representative: Craig Wright
Signature:
The research is intended to address some of the economic issues that are arising due to an inability
to assign risk correctly, a failure to measure risk as well as looking at the misalignment of
information systems audit and the compliance regime. The externalities that restrict the
development of secure software and how the failure of the end user to apply controls makes it less
probable that a software vendor will enforce stricter programming controls with failures in the
audit and measurement processes are addressed. This includes a look at the misalignment of audit
to security. This misalignment is demonstrated to result from the drawing of funds from security
in order to provide compliance with little true economic gain (Wright, 2010).

Schedule, Cost, Deliverables, & Contact Info:

Deliverables:
30-40 published papers
3 PhD Thesis' in the field
A commercial model for modeling information risk

Several published papers have been released
(forthcoming include)

Wright, Craig S. and Zia, Tanveer A (2011) A
Quantitative Analysis into the Economics of Testing
Software Bugs, Proceedings of CISIS 2011 June 8-10th, 2011

Wright, Craig S. and Zia, Tanveer A (2011) A
Rationally Opting for the Insecure Alternative:
Negative Externalities and the Selection of Security
Controls, Proceedings of CISIS 2011, 2011

Corporate Information:
Dave Kleiman
W&K INFO DEFENSE RESEARCH LLC
4371 Norhtlake Blvd #314
Palm Beach
FL 33410 - 6253
Phone: 5613108801
Email: dave@davekleiman.com

274997114


Craig Wright 


W&K INFO DEFENSE RESEARCH LLC 
4371 Norhtlake Blvd #314 


Palm Beach 

FL 33410 - 6253 
+61 2 4362 1512 
NA 

274997114 

$1,200,000.00
36 months
07/04/2011

Business Type: Small Business

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Executive Summary 

° This project will develop the optimal derivative and risk strategy for software markets. A game 
theoretic approach to this will be modeled looking at the incentives of the business and 
programming functions in the organization. Programmers, as optimists (Brooks) hold, "the first 
assumption that underlies the scheduling of systems programming is that all will go well”. 
Testing is rarely considered by the normal programmer as this would imply failure. However, the 
human inability to create perfection leads to the introductions of flaws at each stage of 
development. This project will deliver frameworks designed to optimize the software 
development process and to sell the risk using a derivative market place that reflects this risk. 
The end goal is to remove externalities from the costs of software and incorporate the cost of bad 
software design into the final cost to the consumer. 
The deficiency of published quantitative data on software development and systems design has 
been a major ground for software engineering’s failure to ascertain a proper scientific 
foundation. Past studies into coding practice have focused on software vendors. These 
developers have many distinctions from in-house projects that are not incorporated into the 
practices and do not align well with in-house corporate code development. In the past, building 
software was the only option but as the industry developed, the build vs. buy argument has 
swung back towards in-house development with the uptake of Internet connected systems. In 
general, this has been targeted towards specialized web databases and online systems with office 
systems and mainstream commercial applications becoming a ‘buy’ decision. 
As companies move more and more to using the web and as ‘cloud applications’ become 
accepted, in-house development is becoming more common. This paper uses an empirical study 
of in-house software coding practices in Australian companies to both demonstrate that there is 
an economic limit to how far testing should proceed as well as noting the deficiencies in the 
existing approaches. 
1.1 Related Work and our contributions 
This research will seek to demonstrate that a well-defined software risk derivative market would 
improve the information exchange for both the software user and vendor removing the oft touted 
imperfect information state that is said to belie the software industry. In this way, users could 
have a rational means of accurately judging software risks and costs and as such the vendor 
could optimally apply their time between delivering features and averting risk in a manner 
demanded by the end user. After all, it is of little value to increase the cost per unit of software 
by more than an equal compensating control. 
Arora, Telang and Xu asserted that a market based mechanism for software vulnerabilities will 
necessarily underperform a CERT-type mechanism. The market that they used was a game 
theoretic pricing game. In the model reported, the players in the market do not report their prices. 
These players use a model where information is simultaneously distributed to the client of the 
player and the vendor. The CERT model was touted as being optimal. It relies on waiting until a 
patch was publicly released and only then releasing the patch to the public. This ignores many 
externalities and assumes the only control is a patch in place of other alternative compensating 
controls. 
Consequently, the examined "market" model is in itself sub-optimal. It both creates incentives to 
leak information without proper safeguards and creates vulnerability black-markets. As criminal 
groups and selected security vendors (such as Penetration testers and IDS vendors) have an 
incentive to gain information secretly, they have an incentive to pay more for unknown 
vulnerabilities in a closed market. This means that a seller to one of these parties has a 
reputational incentive to earn more through not releasing information as the individual's 
reputation will be based on their ability to maintain secrecy. 
"Vulnerability disclosure adversely and significantly affects the stock performance of a software 
vendor. We show that, on average, a software vendor loses around 0.63% of market value on the 
day of the vulnerability announcement. This translates to a dollar amount of $0.86 billion loss in 
market value. We also show that markets do not penalize a vendor any more if the vulnerability 
is discovered by a third party than by the vendor itself." 
These results demonstrate that a vendor has an incentive to minimize the vulnerabilities found in 
their products. If an excessive number of vulnerabilities continue to impact a vendor, their 
market capitalization suffers as a consequence. This justification offers strong evidence that a 
vendor does not have an incentive to hide information (as third party vulnerability researchers 
cause an equal loss in capitalization). It has to be expected that any vulnerability known by the 
vendor will be uncovered. If the vendor fixes this flaw before release, the cost is minimized and 
at the limit approaches the cost of testing (that is, a zero incremental cost to that which would be 
expressed later). 
If the vendor discovers a vulnerability in the software they produce, the result is a 'strongly 
dominated' motive to fix the bug. Hence, any remaining bugs are those that have not been 
uncovered by the vendor and which are less economical to find (through an increase in testing). 
It can thus be demonstrated that the vendor knows no more than the user at the point of software 
release as to the state of bugs in a product. 
Testing is far less expensive earlier in the development cycle. Early in the process, the software 
developer has the greatest returns in testing and bug finding. As the development progresses, the 
returns are reduced as the process required and the costs associated with finding and correcting 
software vulnerabilities increase. 
The utility is lowest when the software has been shipped to the user. At this point, fixing flaws is 
an expensive process for both the user and the vendor. This leaves the optimal solution to find as 
many bugs as possible as early in the development process as is feasible. This contrasts with the 
increasing costs of finding bugs. This leaves the optimal solution for the vendor based on the 
discovery of as many bugs as possible as early in the development process as is feasible (as a bug 
discovered early in the process can cost as much as 10x less than one discovered later). It does 
not mean that all bugs or vulnerabilities will be found as the cost of finding additional 
vulnerabilities quickly exceeds the returns. 
The market for lemons requires that the vendor knows the level of flaws better than the user. To 
many this may seem a common sense outcome: the vendor has access to source code, wrote the 
program and ran the development process. This is a flawed view, as we have demonstrated, as it is 
in the vendor's interest to mitigate vulnerabilities as early as possible. More importantly, the 
vendor is punished for bugs. 
1.2 Our contribution 
We intend to present an analysis using empirical studies to determine and model the cost of 
finding, testing and fixing software bugs. We model the discovery of bugs or vulnerabilities 
using quantitative functions and calculate the defect rate per SLOC (source line of code) using 
Bayesian calculations. 
The end solution to the limited and sub-optimal markets that currently exist would be the 
creation of Hedge funds for software security. Sales in software security based derivatives could 
be created on forward contracts. One such solution is the issuing of paired contracts (such as 
exist in short sales of stocks). The first contract would be taken by a user and would pay a fixed 
amount if the software has suffered from any unmitigated vulnerabilities on the (forward) date 
specified in the contract. The paired contract would cover the vendor. If the vendor creates 
software without flaws (or at least mitigates all easily determinable flaws prior to the inception 
of the contract) the contract pays them the same amount as the first contract. 
This is in effect a 'bet' that the software will perform effectively. If a bug is discovered, the user 
is paid a predetermined amount. This amount can be determined by the user to cover the 
expected costs of patching and any consequential damages (if so desired). This allows the user to 
select their own risk position by purchasing more or less risk as suits both the risk tolerance and 
the nature of the user's systems. 
Such a derivative (if an open market is allowed to exist) would indicate the consensus opinion as 
to the security of the software and the reputation of the vendor. Such an instrument would allow 
software vendors and users to hedge the risks faced by undiscovered software vulnerabilities. 
These instruments would also be in the interest of the software vendor's investors as the ability to 
manage risk in advance would allow for forward financial planning and limit the negative impact 
that vulnerability discovery has on the quoted prices of a vendor's capital. 
This project will model the security of software coding practices in a manner that will lead to 
fewer economic externalities. 

Utility to Department of Homeland Security 
In economic terms, we want to assign liability such that the optimal damage mitigation strategy 
occurs. The victim will mitigate their damages where no damages for breach apply in respect of 
the optimal strategy and payoffs. The rule that creates the best incentives for both parties is the 
doctrine of avoidable consequences (marginal costs liability). 
Mitigation of damages is concerned with both the post-breach behaviors of the victim and the 
actions of the party to minimize the impact of a breach. In software parlance, this would incur 
costs to the user of the software in order to adequately secure their systems. This again is a 
trade-off. Before the breach (through software failures and vulnerabilities that can lead to a violation of 
a system's security), the user has an obligation to install and maintain the system in a secure 
state. The user is likely to have the software products of several vendors installed on a single 
system. Because of this, the interactions of the software selected and installed by the user span 
the range of multiple sources and no single software vendor can account for all possible 
combinations and interactions. 
Any pre-breach behavior of the vendor and user of software needs to incorporate the capability 
of the vendors to both minimize the liability attached to their own products, as well as the 
interactions of other products installed on a system. It is feasible to deploy one of several options 
that can aid in the minimization of the effects of a breach due to a software problem prior to the 
discovery of software vulnerabilities. These include: 

1. The software vendor can implement protective controls (such as firewalls) 
2. The user can install protective controls 
3. The vendor can provide accounting and tracking functions 

The following steps further assist in minimizing the effects of software vulnerabilities: 
1. The vendor can employ more people to test software for vulnerabilities 
2. The software vendor can add additional controls 


Where more time is expended on the provision of software security by the vendor (hiring more 
testers, more time writing code etc), the cost of the software needs to reflect this additional 
effort, hence the cost to the consumer increases. This cost is divisible in the case of a widely 
deployed Operating System (such as Microsoft Windows) where it is easy to distribute the 
incremental costs across additional users. Smaller vendors (such as small tailored vendors for the 
Hotel accounting market) do not have this distributional margin and the additional controls could 
result in a substantial increase in the cost of the program. 

Technical Approach 

The goal of this research project is to create a series of quantitative models for information 

security that can be used to create a software security derivative and insurance market. 

Mathematical modeling techniques that can be used to model and predict information security 

risk will be developed using a combination of techniques including: 


• Economic theory and Econometrics, 
• Quantitative financial modeling, 
• Behavioral Economics, 
• Algorithmic game theory and 
• Statistical hazard/survival models. 


The models will account for heteroscedastic confounding variables and include appropriate 
transforms such that variance heterogeneity is assured in non-normal distributions. Process 
modeling for integrated Poisson continuous-time process for risk through hazard will be 
developed using a combination of: 


• Business financial data (company accountancy and other records), 
• Anti-Virus Industry data, 
• Legal databases for tortious and regulatory costs and 
• Insurance datasets. 


This work and research follows and continues that published as: 
Wright, Craig S. and Zia, Tanveer A. (2010) The Economics of Developing Security 
Embedded Software, Proceedings of the 8th Australian Information Security Management 
Conference, Edith Cowan University, Perth Western Australia, 30th November 2010 
Charles Sturt University 
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1101&context=ism 

and 
Wright, Craig S. (2010) Software, Vendors and Reputation: an analysis of the dilemma in 
creating secure software, Proceedings of InTrust 2010 The Second International 
Conference on Trusted Systems 13th-15th December 2010 Beijing, P. R. China 
Charles Sturt University 

and (forthcoming) 
Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics 
of Testing Software Bugs, Proceedings of 4th International Conference on Computational 
Intelligence in Security for Information Systems CISIS 2011 June 8-10th, 2011 

Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure 
Alternative: Negative Externalities and the Selection of Security Controls, CISIS 2011 
June 8-10th, 2011 


Personnel and Performer Qualifications and Experience 
Craig S Wright (Full CV too long and is available on request) 


Over the years Craig has personally conducted and managed in excess of 1,600 IT security related 
engagements for more than 180 Australian and international organizations in both the private and 
government sectors. As a strong believer in life-long learning, Craig has qualifications in Law, IT, 
Mathematics and Business. However, his driving focus is research and development in the security and 
risk arena. He is the first person to have obtained multiple GSE certifications (Malware and Compliance). 
Craig designed the architecture for the world’s first online casino (Lasseter’s Online) in the Northern 
Territory; as well he has, in the past, designed and managed the implementation of many of the systems 
that protect the Australian Stock Exchange. To add to these accomplishments he has authored IT security 
related books and articles as well as designed a new university program for Charles Sturt University in 
New South Wales, Australia which will offer a Master in Digital Forensics. This program commenced in 
2010 and will be offered as an on campus and distance education program. 


Dave Kleiman (http://en.wikipedia.org/wiki/Dave_Kleiman) 


Dave Kleiman is a noted Forensic Computer Investigator, an author/coauthor of multiple books and a 
noted speaker at security related events. 


Bob Radvanovsky, CIFI, CISM, REM, CIPS, Infracritical, Inc. 
Principal, SCADA expert and Author 

(chapter author) of "Corporate Hacking and Technology-driven Crime: Social Dynamics and URL: 
http://www.amazon.com/Corporate-Hacking-Technology-driven-Crime-Implications/dp/1616928050 

URL: http://www.infracritical.com/papers/scadasec-2010-review.zip 

URL: http://www.amazon.co.uk/Critical-Infrastructure-Homeland-Emergency-Preparedness/dp/1420095277 

URL: http://viewer.zmags.com/publication/d1408139#/d1408139/12 

URL: http://www.amazon.com/Transportation-Systems-Security-Allan-McDougall/dp/1420063782 


Commercialization Capabilities and Plan 


The principals are experienced researchers and businessmen in the realm of Information 
Security. The research will be conducted in conjunction with Charles Sturt University and will 
follow the standard commercialization processes of the University (these processes are available 
online). Further, this project will create a large body of public and academic knowledge and 
scientific research that could also be used by other companies and Universities in the creation of 
further models and structures that will lead to the securing of more systems again. 


Costs, Work, and Schedule 
Amount Requested (in dollars): $1,200,000.00 
Duration: 36 months 
The funding request will provide full scholarships and positions for three (3) PhD candidates to 
aid in the research and investigation of software security issues and solutions, the creation of 
economic models and the publication of an expected 20-30 papers in this field. The period is set 
to three years which includes the completion of the PhD projects and the creation of the market, 
insurance and derivative models. 


• PhD Funding $360,000 
• Supervision $180,000 
• Survey and data Analysis $220,000 
• Administration $120,000 
• Core Systems $220,000 
• Marketing of system and test use $100,000 

Title 
BAA 11-02-TTA 14-0025-WP 
Date: 07/04/2010 


NA 





Proposed Technical Approach: 
This project will address and provide measures and 
The analysis will measure the following coding 
errors: 
• Format string errors 
• Integer Overflows 
• Buffer overruns 
• SQL Injection 
• Cross-Site scripting 
• Race Conditions 
• Command Injection. 
In addition, market models for selling 
vulnerabilities will be developed and tested. A first 
stage vulnerability and risk marketplace will be 
developed. 


Several published papers have been released 
(forthcoming include) 


Wright, Craig S. and Zia, Tanveer A 
(2011) A Quantitative Analysis into the 
Economics of Testing Software Bugs, 
Proceedings of 4th International 
Conference on Computational 
Intelligence in Security for Information 
Systems CISIS 2011 June 8-10th, 2011 


Wright, Craig S. and Zia, Tanveer A 
(2011) A Rationally Opting for the 
Insecure Alternative: Negative 
Externalities and the Selection of 
Security Controls, Proceedings CISIS 
2011 June 8-10th, 2011 


Authorized Representative: Craig Wright 


Signature: 

Operational Capability: 
The project will test, develop and test a combination of 
insurance and derivative based risk markets for 
both software security and information risk 
minimization. 
Schedule, Cost, Deliverables, & Contact Info: 
This project will develop the optimal derivative and 
risk strategy for software markets. A game 
theoretic approach to this will be modelled looking 
at the incentives of the business and programming 
functions in the organization. Programmers, as 
optimists (Brooks, ) hold, 

"the first assumption that underlies the scheduling 
of systems programming is that all will go well". 
Testing is rarely considered by the normal 
programmer as this would imply failure. However, 
the human inability to create perfection leads to the 
introduction of flaws at each stage of 
development. This project will deliver frameworks 
designed to optimize the software development 
process and to sell the risk using a derivative 
market place that reflects this risk. The end goal is 
to remove externalities from the costs of software 
and incorporate the cost of bad software design into 
the final cost to the consumer. 

Deliverables: 

20-30 published papers 

3 PhD theses in the field 

A commercial model for software derivatives and 
insurance markets 








Corporate Information: 


Dave Kleiman 

W&K INFO DEFENSE RESEARCH LLC 
4371 Northlake Blvd #314 

Palm Beach 

FL 33410 - 6253 

Phone: 5613108801 

Email: dave@davekleiman.com 
Palm Beach 
Requested Starting Date: 07/04/2011 
Business Type: Small Business 

Executive Summary 

This project involves the creation of a SCADA targeted filter. This filter will act as a security 
gateway allowing users to access legacy systems that do not support modern encrypted protocols 
to do so whilst not having to interfere with the existing system. At the same time, advanced 
threats and Malware (such as STUXNET) will be isolated from the systems using a bridged 
firewall layer. This system will in itself be isolated and resilient and be capable of reliable action 
when power and other failures occur. It will collate and report attacks seamlessly allowing 
Internet connected management and monitoring systems to co-exist on treacherous networks in a 
cloud environment. 


The Revenant device is an embedded Linux-based appliance with an RFC compliant IPSec and 
Stateful firewall implementation built into the kernel. It is built using embedded Linux and is 
completely solid state with no moving parts to fail and no hard drive. It also utilises kernel-based 
IPSec. Designed as an appliance, this system is modular and highly configurable, requiring a 
small physical, CPU and memory footprint. 


The Revenant appliance platform provides a base set of services and functions as an operating 
environment for many security conscious network based applications. The Appliance provides 
built-in IPSec encryption, SSHv2 Secure Remote Management, text based management and 
power-off safe operation. 


Basic Management and upkeep of Revenant 


System Life-Cycle comprises: 


• Security Patch updates 
• System and Application updates 
• System health-check and maintenance 
• System Security Integrity maintenance 


Revenant embodies an embedded appliance architecture with a strong bias towards encryption, 
out-of-band authentication and other network applications. 


Two primary products have been designed at this point, with expansion into additional modules 
planned for the future. 

• Revenant Encrypted Private Network Gateway 
  The Revenant EPN Gateway provides a platform for performing IPSec encryption in 
  several configurations: 
  1) Network-to-Network 
  2) Host-to-Network 
  3) Host-to-Host 

• Revenant IDS 
  The Revenant application is also capable of providing a platform for an IDS sensor. 


The Revenant appliance platform provides a base set of services and functions as an operating 
environment for many security conscious network based applications. The Appliance provides 
built-in IPSec encryption, SSHv2 Secure Remote Management, Text based management and 
power-off safe operation. 

The Revenant appliance has been built with size, performance and security as primary goals, and 
as a result of this, the system does not run any network accessible processes except those 
required by specifically installed modules. 


The Revenant platform offers no intrinsic network access paths, and is not accessible on the 
network unless one of the network modules has been installed. The Revenant system does not 
load any network accessible functionality except as required by the appliance modules loaded in 
any specific configuration. 


The Revenant Measurement appliance is an "Out-of-Band" strong authentication and connection 
gateway system. Measurement is an access concentrator, which performs strong authentication 
of user requests. In a security conscious environment, the Measurement allows an organization to 
effectively provide wide-ranging access to systems or services through a single, secure access 
path. 


The Revenant appliance is a perfect platform for Measurement services due to the security 
functions and services built into the base system. 


1.1 Related Work and our contributions 

This project involves the creation of a SCADA targeted filter. This filter will act as a security 
gateway allowing users to access legacy systems that do not support modern encrypted protocols 
to do so whilst not having to interfere with the existing system. At the same time, advanced 
threats and Malware (such as STUXNET) will be isolated from the systems using a bridged 
firewall layer. This system will in itself be isolated and resilient and be capable of reliable action 
when power and other failures occur. It will collate and report attacks seamlessly allowing 
Internet connected management and monitoring systems to co-exist on treacherous networks in a 
cloud environment. 


Technical Approach 
A PCap module written in R and C that can take direct network feeds (TCP/IP) and report on 
anomalous traffic (with a learning feature and feedback cycle to minimize error with use) will be 
developed with the appliance. 


This work and research follows and continues that published as: 
Wright, Craig S. and Zia, Tanveer A. (2010) The Economics of Developing Security 
Embedded Software, Proceedings of the 8th Australian Information Security Management 
Conference, Edith Cowan University, Perth Western Australia, 30th November 2010 
Charles Sturt University 
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1101&context=ism 

and 
Wright, Craig S. (2010) Software, Vendors and Reputation: an analysis of the dilemma in 
creating secure software, Proceedings of InTrust 2010 The Second International 
Conference on Trusted Systems 13th-15th December 2010 Beijing, P. R. China 
Charles Sturt University 

and (forthcoming) 
Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics 
of Testing Software Bugs, Proceedings of 4th International Conference on Computational 
Intelligence in Security for Information Systems CISIS 2011 June 8-10th, 2011 

Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure 
Alternative: Negative Externalities and the Selection of Security Controls, CISIS 2011 
June 8-10th, 2011 


Personnel and Performer Qualifications and Experience 
Craig S Wright (Full CV too long and is available on request) 


Over the years Craig has personally conducted and managed in excess of 1,600 IT security related 
engagements for more than 180 Australian and international organizations in both the private and 
government sectors. As a strong believer in life-long learning, Craig has qualifications in Law, IT, 
Mathematics and Business. However, his driving focus is research and development in the security and 
risk arena. He is the first person to have obtained multiple GSE certifications (Malware and Compliance). 
Craig designed the architecture for the world's first online casino (Lasseter's Online) in the Northern 
Territory; as well he has, in the past, designed and managed the implementation of many of the systems 
that protect the Australian Stock Exchange. To add to these accomplishments he has authored IT security 
related books and articles as well as designed a new university program for Charles Sturt University in 
New South Wales, Australia which will offer a Master in Digital Forensics. This program commenced in 
2010 and will be offered as an on campus and distance education program. 


Dave Kleiman (http://en.wikipedia.org/wiki/Dave_Kleiman) 


Dave Kleiman is a noted Forensic Computer Investigator, an author/coauthor of multiple books and a 
noted speaker at security related events. 


Bob Radvanovsky, CIFI, CISM, REM, CIPS, Infracritical, Inc. 
Principal, SCADA expert and Author 

(chapter author) of "Corporate Hacking and Technology-driven Crime: Social Dynamics and URL: 
http://www.amazon.com/Corporate-Hacking-Technology-driven-Crime-Implications/dp/1616928050 

URL: http://www.infracritical.com/papers/scadasec-2010-review.zip 

URL: http://www.amazon.co.uk/Critical-Infrastructure-Homeland-Emergency-Preparedness/dp/1420095277 

URL: http://viewer.zmags.com/publication/d1408139#/d1408139/12 

URL: http://www.amazon.com/Transportation-Systems-Security-Allan-McDougall/dp/1420063782 


Commercialization Capabilities and Plan 


The principals are experienced researchers and businessmen in the realm of Information 
Security. The research will be conducted in conjunction with Charles Sturt University and will 
follow the standard commercialization processes of the University (these processes are available 
online). Further, this project will create a large body of public and academic knowledge and 
scientific research that could also be used by other companies and Universities in the creation of 
further models and structures that will lead to the securing of more systems again. 


Costs, Work, and Schedule 
Amount Requested (in dollars): $1,800,000.00 
Duration: 36 months 


The funding request will provide full scholarships and positions for two (2) PhD candidates to 
aid in the research and investigation of security issues and solutions, the creation of software and 
IDS tools in this field. The period is set to three years which includes the completion of the PhD 
projects and the creation of the appliance and related open source software. 


PhD Funding $240,000 
Supervision $180,000 
Survey and data Analysis $120,000 
Administration $120,000 
Core Systems $220,000 
Marketing of system and test use $100,000 
Software coding $340,000 
Electronics and System $480,000 

BAA Number: BAA 11-02-TTA 05-0155-WP 
Offeror Name: W&K INFO DEFENSE RESEARCH LLC 

Title SCADA Isolation 

Date: 07/04/2010 
Operational Capability: 
The project will test, develop and test a set of software 
and hardware solutions developed to minimize 
attacks against SCADA systems. 


Proposed Technical Approach: 
This project will provide a low cost, high availability and security SCADA security solution 
through: 
• System inventory management 
• Firewall 
• Anti-virus / anti-malware 
• Forensic network capture 
• IP property protection and extrusion reporting 
• Risk quantification 
• Advanced traffic filtering and data capture 
• The idea to be patented - advanced IDS / honeypot 

Schedule, Cost, Deliverables, & Contact Info: 
This project involves the creation of a SCADA targeted filter. This filter will act as a security 
gateway allowing users to access legacy systems that do not support modern encrypted protocols to 
do so whilst not having to interfere with the existing system. At the same time, advanced threats and 
Malware (such as STUXNET) will be isolated from the systems using a bridged firewall layer. This 
system will in itself be isolated and resilient and be capable of reliable action when power and other 
failures occur. It will collate and report attacks seamlessly allowing Internet connected 
management and monitoring systems to co-exist on treacherous networks in a cloud environment. 


Deliverables: 

5-10 published papers 

2 PhD theses in the field 

A commercial appliance 

A TCPDump filter program 
Corporate Information: 

Dave Kleiman 

W&K INFO DEFENSE RESEARCH LLC 
4371 Northlake Blvd #314 

Palm Beach 

FL 33410 - 6253 

Phone: 5613108801 

Email: dave@davekleiman.com 





Authorized Representative: Craig Wright 


Signature: 

BAA 11-02-TTA 09-0049-WP 

Risk Quantification 

W&K INFO DEFENSE RESEARCH LLC 
Dave Kleiman 

W&K INFO DEFENSE RESEARCH LLC 
4371 Northlake Blvd #314 


Palm Beach 

FL 33410 - 6253 

5613108801 

NA 

274997114 

Craig Wright 

W&K INFO DEFENSE RESEARCH LLC 
4371 Northlake Blvd #314 


Palm Beach 

FL 33410 - 6253 
+61 2 4362 1512 
NA 

274997114 

W&K INFO DEFENSE RESEARCH LLC is a Joint Venture Company between a US Vet. 
Owned Enterprise and an Australian Research Company. 


Amount Requested (in dollars): $2,200,000.00 
Duration: 36 months 
Requested Starting Date: 07/04/2011 


Business Type: Small Business 





CONFIDENTIAL KLEIMAN_00560983 


Case 9:18-cv-80176-BB Document 829-132 Entered on FLSD Docket 12/16/2021 Page 102 of 141 


Executive Summary 


Using empirical evidence, this research aims to investigate and quantify the root cause of 
security flaws that act as a source of system compromise. Research into the effects of poor 
system design, market based risk solutions based on derivative instruments and the impact of 
common system misconfigurations will be incorporated into multivariate survival models. This 
research incorporates the economic impact of various decisions as a means of determining the 
optimal distribution of costs and liability when applied to information security and in particular 
when assigning costs in computer system security and reliability engineering. 


The objective of this research is to produce an innovative modelling architecture designed 
around information systems security and risk based reliability and survivability analysis. The 
objectives of the research are: 


(1) To address the critical limitations (Jeanblanc & Valchev, 2005) that are associated with 
reliability engineering in regards to computer systems. This will be completed with 
competing risks analysis and multivariate survival analysis coupled with a game theoretic 
approach. Data collected from an analysis of systems in the field will be used to test 
assumptions. These assumptions (Marti, 2008) include: 


a. constant and homogenous failure rates, 
b. binary failure and univariate reliability, 
c. censoring of failure data, and 

d. independent failures. 

(2) To produce a methodology for the creation and testing of hazard and survival models for 
information systems. This will become a risk based quantitative approach to reliability and 
survivability engineering. 

(3) To incorporate methods that represent the effects of misaligned incentives and their 
consequence to security controls. 


To do this, it is necessary to recognise that information security is a risk function (Anderson, 
Longley & Kwok, 1994). Paying for too much security can be more damaging in economic terms 
than not buying enough. This leads to decisions about where the optimal expenditure on damage 
prevention should lie. This research will investigate who should be responsible for the security 
failures that are affecting the economy and society and how this can be maximized in order to 
minimize negative externalities (Cohen, 1976). The conclusions will be presented using an 
empirical study of software hazard rates and audit failures along with the question of how to 
enforce liability in a global economy. 


The research is intended to address some of the economic issues that are arising due to an 
inability to assign risk correctly and a failure to measure risk, as well as looking at the 
misalignment of information systems audit and the compliance regime. It addresses the 
externalities that restrict the development of secure software, and how the failure of the end 
user to apply controls, together with failures in the audit and measurement processes, makes it 
less probable that a software vendor will enforce stricter programming controls. This includes a 
look at the misalignment of audit to security. This misalignment is demonstrated to result from 
the drawing of funds from security in order to provide compliance with little true economic gain 
(Wright, 2010). 


The introduction of Game Theory and Behavioural Economics (Anderson, 2001; Anderson & 
Moore, 2006; Varian, 2004) has created a foundation for the rationalisation of information 
security processes which lead to improved allocation of economic resources. The optimal 
distribution of economic resources across risk allocations in information systems can only lead to 
a combination of more secure systems for a lower overall cost. This research will incorporate the 
game theoretic multi-player decision problem. Agents in the model will be deemed to be rational 
with well-defined preferences, to have the ability to reason strategically using their knowledge 
and belief of other players, and to act according to a combination of both economic "first 
thought" and deep strategic thinking (Nissan et al., 2007). Solutions to these models will be 
sought through a combination of the following game devices: 


• Equilibrium: evolutive (steady state) games 
• Heterogeneous sequential games 
• Rationalisability: deductive reasoning 

The models will detail the existence of strictly dominating games where these exist in 
information security practices and propose methods to improve these models. Existing 
information security practices in existing organisations will be classified into the following game 
types: 

• Non-cooperative vs. cooperative game 
• Strategic vs. extensive game 
• Perfect vs. imperfect information 

Bounded rationality, behavioural game aspects and other feedback effects will be investigated 
(Nissan et al., 2007). Social capital based on fairness and reciprocity will be defined as it 
applies to the economically efficient application of risk processes associated with information 
systems. Contract Theory will be used to explain the creation of agreements and “contracts” in 
the presence of information asymmetry. This is approached through the combination of adverse 
selection, moral hazards and the “signalling game”. In this, adverse selection is defined as the 
“Principal not having been informed of the other agent’s private information ex-ante” such as in 
George Akerlof’s “Market for lemons” (1970). This application of game theory has been asserted 
to explain many aspects of the software industry's predisposition to create insecure software 
(Anderson, 2001). Arora, Telang and Xu (2004) asserted that a market-based mechanism for 
software vulnerabilities would necessarily underperform a CERT-type mechanism. The market 
that they used was a game theoretic pricing game. In the model reported, the players in the 
market do not report their prices [1]. These players use a model where information is distributed 
simultaneously to the client of the player and the vendor. The CERT model was touted as being 
the most favourable solution. The research will demonstrate that the examined "market" model is 
in itself sub-optimal. It both creates incentives to leak information without proper safeguards and 
creates vulnerability black-markets that rely on waiting until a patch was publicly released and 
only then releasing the patch to the public. This ignores many externalities and assumes the only 
control is a patch in place of other alternative compensating controls. It is to be demonstrated 
that there are flaws with this approach that can be solved through the creation of a security and 
risk derivative market for software. The user would have an upfront estimate of the costs and this 
could be forced back to the software vendor. Where the derivative costs more than testing, the 
vendor would conduct more in-depth testing and reduce the levels of bugs (Bacon et al., 2009). 


1.2 Our contribution and Technical Approach 


We intend to present an analysis using empirical studies to determine and model the cost of 
finding, testing and fixing security vulnerabilities. The goal of this research project is to create a 
series of quantitative models for information security. Mathematical modelling techniques that 
can be used to model and predict information security risk will be developed using a 
combination of techniques including: 

• Economic theory, and Econometrics 
• Quantitative financial modelling, 
• Behavioural Economics, 
• Algorithmic game theory and 
• Statistical hazard/survival models. 

[1] E.g., iDefense Ltd. and other similar providers have a semi-closed market with limited information exchange. 

The models will account for heteroscedastic confounding variables and include appropriate 
transforms such that variance heterogeneity is assured in non-normal distributions. Process 
modelling for integrated Poisson continuous-time process for risk through hazard will be 
developed using a combination of: 

• Business financial data (company accountancy and other records), 
• Anti-Virus Industry data 
• Legal databases for tortious and regulatory costs and 
• Insurance datasets. 


This data will be coupled with hazard models created and validated using Honeynets (e.g. Project 
Honeynet) and reporting sites such as the Internet Storm Centre and iDefense. The combination of 
this information will provide the framework for a truly quantitative security risk framework [2]. At 
present, the DShield storm centre receives logging from over 600,000 organisations. This 
represents a larger quantity of data than is used for actuarial data in the home insurance industry. 
The problem is that this information is not collated or analysed in any quantitatively sound 
manner. This research will model survival times for types of applications using the body of 
research into quantitative code analysis for risk. The research will create a series of models (such 
as those used within mechanical engineering, material science etc.) for Information Risk. 


Some of the methods that are planned for testing in the creation of the risk framework will include: 

• Random forest clustering, 
• K-means analysis, 
• Other classification algorithms, and 
• Network associative maps in text analysis forensic work. 


The correlation of reference data (such as IP and functional analysis data) between C&C 
(Command and Control) systems used in “botnets” is one aspect of this research. Starting from 
the outside (the cloud and perimeter) and working inwards to the network, the risk model would 
start by assessing external threats and move into internal threat sources, gradually becoming 
more and more granular as one moves from network to individual hosts and finally to 
people (user behaviour (Varian, 2004)) and application modelling (Guo, Jarrow, & Zeng, 2005). 
The eventual result will be the creation of a model that can incorporate the type of organisation, 
size, location, application, systems used, and the user awareness levels to create a truly 
quantitative risk model. This would be reported with SE (standard error) and confidence level 
rather than a point estimate. Code to import data from hosts and networks, using raw “pcap 
traces” [3], will be developed such that system statistics and other data can be collated into a 
standardised format. This code will be developed in “R” and “C++”. This will enable the 
creation and release of actuarial threat risk models that incorporate heterogeneous tendencies in 
variance across multidimensional determinants while maintaining parsimony. I foresee a 
combination of Heteroscedastic predictors (GARCH/ARIMA etc.) coupled with non-parametric 
survival models. I expect that this will result in a model where the underlying hazard rate (rather 
than survival time) is a function of the independent variables (covariates). Cox's Proportional 
Hazard Model with Time-Dependent Covariates would be a starting point, going to 
non-parametric methods if necessary. The end goal will be to create a framework and possibly a 
program that can assess a data stream based on a number of dependent variables (threat models, 
system survival etc.) and covariates and return a quantified risk forecast and standard error. 

[2] Support has been sought and received from SANS (including DShield), CIS (Centre for Internet Security) and the 
Honeynet project. 
[3] [illegible] capture standard [illegible] both open source and commercial network capture equipment. 


Utility to Department of Homeland Security 


When a system fails, it often can fail in numerous ways with several causes for the failure 
(Crowder 2001). Censored observation management can be considered the principal factor 
influencing survival analysis. Survival analysis has developed rigorous procedures and 
methods effective for the treatment of censored data based on probability theory, asymptotic 
counting and stochastic process as well as the Martingale central limit theorem. References to the 
univariate analysis of survival are found in Cox (1972), Cox and Oakes (1984), Fleming and 
Harrington (1991), Andersen et al. (1993), Kalbfleisch and Prentice (1980, 2002), Klein and 
Moeschberger (2003), Ibrahim et al. (2005), Lawless (1982, 2003), Ma and Krings (2008). 
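
The handling of censored observations, and the reporting of a standard error and confidence level rather than a point estimate, can be shown with the simplest non-parametric survival model. This is an added example, not code from the proposal: a Kaplan-Meier estimate with Greenwood's standard error over constructed host time-to-compromise data, with all function names and sample values assumed for illustration.

```python
import math

# Constructed sample (not data from the proposal): days each monitored host
# was observed, and whether observation ended in a compromise (True) or the
# host was still uncompromised when monitoring stopped (False = right-censored).
OBSERVATIONS = [
    (3, True), (5, True), (5, False), (8, True), (12, True),
    (12, False), (15, True), (20, False), (20, False), (30, False),
]

Z_95 = 1.96  # normal quantile for a two-sided 95% interval


def kaplan_meier(observations):
    """Return one row per distinct event time: (t, at_risk, events, S(t), SE)."""
    event_times = sorted({t for t, compromised in observations if compromised})
    survival = 1.0
    greenwood_sum = 0.0
    rows = []
    for t in event_times:
        # Censored hosts stay in the risk set until the day they leave the study.
        at_risk = sum(1 for days, _ in observations if days >= t)
        events = sum(1 for days, hit in observations if days == t and hit)
        survival *= 1.0 - events / at_risk
        if at_risk > events:
            greenwood_sum += events / (at_risk * (at_risk - events))
            std_err = survival * math.sqrt(greenwood_sum)
        else:
            # Every remaining host failed: S(t) = 0 and Greenwood is undefined.
            std_err = float("nan")
        rows.append((t, at_risk, events, survival, std_err))
    return rows


def survival_at(rows, t):
    """Step-function lookup of S(t) with a 95% interval clipped to [0, 1]."""
    estimate, std_err = 1.0, 0.0
    for time, _, _, s, se in rows:
        if time > t:
            break
        estimate, std_err = s, se
    if math.isnan(std_err):
        return estimate, float("nan"), float("nan")
    low = max(0.0, estimate - Z_95 * std_err)
    high = min(1.0, estimate + Z_95 * std_err)
    return estimate, low, high


def naive_survival(observations, t):
    """Biased comparison: discard censored hosts, then take the fraction of
    the remaining (compromised) hosts that lasted longer than t days."""
    failed = [days for days, hit in observations if hit]
    if not failed:
        return 1.0
    return sum(1 for days in failed if days > t) / len(failed)


if __name__ == "__main__":
    table = kaplan_meier(OBSERVATIONS)
    for t, at_risk, events, s, se in table:
        print(f"day {t:>2}: at risk {at_risk:>2}, events {events}, "
              f"S(t) = {s:.3f}, SE = {se:.3f}")
    est, low, high = survival_at(table, 10)
    print(f"S(10) = {est:.3f}, 95% CI [{low:.3f}, {high:.3f}]")
    print(f"naive S(10), censored hosts dropped = {naive_survival(OBSERVATIONS, 10):.3f}")
```

Dropping the censored hosts understates survival because the hosts that were never compromised are exactly the ones removed from the sample.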


Modeling risk allows it to be measured and controlled. 

This work and research follows and continues: 

Wright, Craig S. and Zia, Tanveer A. (2010) The Economics of Developing Security 
Embedded Software, Proceedings of the 8th Australian Information Security Management 
Conference, Edith Cowan University, Perth Western Australia, 30th November 2010 
Charles Sturt University 
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1101&context=ism 

and (forthcoming) 

Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics 
of Testing Software Bugs, Proceedings of 4th International Conference on Computational 
Intelligence in Security for Information Systems CISIS 2011 June 8-10th, 2011 

Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure 
Alternative: Negative Externalities and the Selection of Security Controls, Proceedings of 
4th International Conference on Computational Intelligence in Security for Information 
Systems CISIS 2011 June 8-10th, 2011 


Personnel and Performer Qualifications and Experience 
Craig S Wright (Full CV too long and is available on request) 


Over the years Craig has personally conducted and managed in excess of 1,600 IT security related 
engagements for more than 180 Australian and international organizations in both the private and 
government sectors. As a strong believer in life-long learning, Craig has qualifications in Law, IT, 
Mathematics and Business. However, his driving focus is research and development in the security and 
risk arena. He is the first person to have obtained multiple GSE certifications (Malware and Compliance). 
Craig designed the architecture for the world’s first online casino (Lasseter’s Online) in the Northern 
Territory; as well he has, in the past, designed and managed the implementation of many of the systems 
that protect the Australian Stock Exchange. To add to these accomplishments he has authored IT security 
related books and articles as well as designed a new university program for Charles Sturt University in 
New South Wales, Australia which will offer a Master in Digital Forensics. This program commenced in 
2010 and is offered as an on campus and distance education program. 


Dave Kleiman (http://en.wikipedia.org/wiki/Dave_Kleiman) 


Dave Kleiman is a noted Forensic Computer Investigator, an author/coauthor of multiple books and a 
noted speaker at security related events. 


Bob Radvanovsky, CIFI, CISM, REM, CIPS, Infracritical, Inc. 
Principal, SCADA expert and Author 

URL: http://www.amazon.com/Corporate-Hacking-Technology-driven-Crime-Implications/dp/1616928050 
URL: http://www.infracritical.com/papers/scadasec-2010-review.zip 
URL: http://www.amazon.co.uk/Critical-Infrastructure-Homeland-Emergency-Preparedness/dp/1420095277 
URL: http://viewer.zmags.com/publication/d1408139#/d1408139/12 
URL: http://www.amazon.com/Transportation-Systems-Security-Allan-McDougall/dp/1420063782 

Commercialization Capabilities and Plan 

The principals are experienced researchers and businessmen in the realm of Information 
Security. The research will be conducted in conjunction with Charles Sturt University and will 
follow the standard commercialization processes of the University (these processes are available 
online). Further, this project will create a large body of public and academic knowledge and 
scientific research that could also be used by other companies and Universities in the creation of 
further models and structures that will lead to the securing of more systems again. 

Costs, Work, and Schedule 

Amount Requested (in dollars): $2,200,000.00 
Duration: 36 months 

The funding request will provide full scholarships and positions for three (3) PhD candidates to 
aid in the research and investigation of software security issues and solutions, the creation of 
economic models and the publication of an expected 20-30 papers in this field. 


The period is set to three years which includes the completion of the PhD projects and the 
creation of the market, insurance and derivative models. 


• PhD Funding: $480,000 
• Supervision: $350,000 
• Survey and data Analysis: $230,000 
• Research Fellowships (2): $260,000 
• Administration: $120,000 
• Costs (Computational Systems): $660,000 
• Support Costs (Coding): $300,000 
BAA Number: BAA 11-02-TTA 01-0127-WP 
Offeror Name: W&K INFO DEFENSE RESEARCH LLC 
Title: Risk Quantification 
Date: 07/04/2010 


Operational Capability: 


The research is intended to address some of the economic issues that are arising due to an inability 
to assign risk correctly and a failure to measure risk, as well as looking at the misalignment of 
information systems audit and the compliance regime. It addresses the externalities that restrict 
the development of secure software, and how the failure of the end user to apply controls, 
together with failures in the audit and measurement processes, makes it less probable that a 
software vendor will enforce stricter programming controls. This includes a look at the 
misalignment of audit to security. This misalignment is demonstrated to result from the drawing 
of funds from security in order to provide compliance with little true economic gain (Wright, 2010). 


Proposed Technical Approach: 


The objective of this research is to produce an innovative modeling architecture designed 
around information systems security and risk based reliability and survivability analysis. The 
objectives of the research are: 

(1) To address the critical limitations (Jeanblanc & Valchev, 2005) that are associated with 
reliability engineering in regards to computer systems. This will be completed with 
competing risks analysis and multivariate survival analysis coupled with a game theoretic 
approach. Data collected from an analysis of systems in the field will be used to test 
assumptions. These assumptions (Marti, 2008) include: 

a. constant and homogenous failure rates, 
b. binary failure and univariate reliability, 
c. censoring of failure data, and 
d. independent failures. 

(2) To produce a methodology for the creation and testing of hazard and survival models for 
information systems. This will become a risk based quantitative approach to reliability and 
survivability engineering. 

(3) To incorporate methods that represent the effects of misaligned incentives and their 
consequence to security controls. 


Authorized Representative: Craig Wright 
Signature: [handwritten signature] 

Schedule, Cost, Deliverables, & Contact Info: 
Deliverables: 

30-40 published papers 

3 PhD theses in the field 

A commercial model for modeling information risk 


Several published papers have been released (forthcoming papers include): 

Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics of 
Testing Software Bugs, Proceedings of CISIS 2011 June 8-10th, 2011 

Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure Alternative: 
Negative Externalities and the Selection of Security Controls, Proceedings of CISIS 2011, 2011 


Corporate Information: 

Dave Kleiman 

W&K INFO DEFENSE RESEARCH LLC 
4371 Northlake Blvd #314 

Palm Beach 

FL 33410 - 6253 

Phone: 5613108801 


Email: dave@davekleiman.com 
W&K INFO DEFENSE RESEARCH LLC 
36 months 
Small Business 

Executive Summary 


The deficiency of published quantitative data on software development and systems design has 
been a major ground for software engineering’s failure to ascertain a proper scientific 
foundation. Past studies into coding practice have focused on software vendors. These 
developers have many distinctions from in-house projects that are not incorporated into the 
practices and do not align well with in-house corporate code development. In the past, building 
software was the only option but as the industry developed, the build vs. buy argument has 
swung back towards in-house development with the uptake of Internet connected systems. In 
general, this has been targeted towards specialized web databases and online systems with office 
systems and mainstream commercial applications becoming a ‘buy’ decision. 


As companies move more and more to using the web and as ‘cloud applications’ become 
accepted, in-house development is becoming more common. This paper uses an empirical study 
of in-house software coding practices in Australian companies to both demonstrate that there is 
an economic limit to how far testing should proceed as well as noting the deficiencies in the 
existing approaches. 


1.1 Related Work 


Other studies of coding processes and reliability have been conducted over the last few decades. 
The majority of these have been based either on studies of large systems and mainframe based 
operations or have analyzed software vendors. In the few cases where coding practices within 
individual organizations have been quantitatively analyzed, the organizations have nearly 
always been large telecommunications firms or the studies have focused on SCADA and other 
critical system providers. 


Whilst these results are extremely valuable, they fail to reflect the state of affairs within the vast 
majority of organizations. With far more small to medium businesses coupled with 
comparatively few large organizations with highly focused and dedicated large scale 
development teams (as can be found in any software vendor), an analysis of in-house practice is 
critical to both security and the economics of in-house coding. 


As the Internet becomes all-pervasive, internal coding functions are only likely to become more 
prevalent and hence more crucial to the security of the organization. 


1.2 Our contribution 

We intend to present an analysis using empirical studies to determine and model the cost of 
finding, testing and fixing software bugs. We model the discovery of bugs or vulnerabilities 
using quantitative functions and calculate the defect rate per SLOC (source line of code) using 
Bayesian calculations. 

The end solution to the limited and sub-optimal markets that currently exist would be the 
creation of hedge funds for software security. Sales in software security based derivatives could 
be created on forward contracts. One such solution is the issuing of paired contracts (such as 
exist in short sales of stocks). The first contract would be taken by a user and would pay a fixed 
amount if the software has suffered from any unmitigated vulnerabilities on the (forward) date 
specified in the contract. The paired contract would cover the vendor. If the vendor creates 
software without flaws (or at least mitigates all easily determinable flaws prior to the inception 
of the contract) the contract pays them the same amount as the first contract. 


This is in effect a 'bet' that the software will perform effectively. If a bug is discovered, the user 
is paid a predetermined amount. This amount can be determined by the user to cover the 
expected costs of patching and any consequential damages (if so desired). This allows the user to 
select their own risk position by purchasing more or less risk as suits both the risk tolerance and 
the nature of the user's systems. 


Such a derivative (if an open market is allowed to exist) would indicate the consensus opinion as 
to the security of the software and the reputation of the vendor. Such an instrument would allow 
software vendors and users to hedge the risks faced by undiscovered software vulnerabilities. 
These instruments would also be in the interest of the software vendor's investors as the ability to 
manage risk in advance would allow for forward financial planning and limit the negative impact 
that vulnerability discovery has on the quoted prices of a vendor's capital. 


This project will model the security of software coding practices in a manner that will lead to 
fewer economic externalities. 


Utility to Department of Homeland Security 


The game theoretic approach to this can be modeled by looking at the incentives of the business and 
programming functions in the organization. Programmers are optimists. As Brooks noted, "the 
first assumption that underlies the scheduling of systems programming is that all will go well". 
Testing is rarely considered by the normal programmer as this would imply failure. However, the 
human inability to create perfection leads to the introduction of flaws at each stage of 
development. 


Technical Approach 


Just as car dealers buff the exterior and detail the upholstery of a used car, neglecting the work 
that should be done on the engine, software vendors add features. Most users are unlikely to use 
even a small fraction of these features, yet they buy the product that offers more features over the 
more secure product with fewer features. The issue here is that users buy the features over 
security. This is a less expensive option for the vendor to implement and provide. 


The creation of a security and risk derivative should change this. The user would have an upfront 
estimate of the costs and this could be forced back to the software vendor. Where the derivative 
costs more than testing, the vendor would conduct more in-depth testing and reduce the levels of 
bugs. This would most likely lead to product differentiation (as occurred in the past with 
Windows 95/Windows NT). Those businesses who wish to pay for security could receive it. 
Those wanting features would get what they asked for. 


It is argued that software developers characteristically do not correct all the security 
vulnerabilities and that known ones remain in the product after release. Whether this is due to a 
lack of resources or other reasons, this is unlikely to be the norm and would be rectified by the 
market. The cost to vendors in share price and reputational losses exceeds the perceived gains 
from technical reasons where the fix might break existing applications. The application is already 
broken in the instance of a security vulnerability. 


Users could still run older versions of software and have few, if any, bugs. The issue is that they 
would also gain no new features. It is clear that users want features. They could also choose to 
use only secure software, but the costs of doing so far outweigh the benefits and do not provide a 
guarantee against the security of a system being compromised. As such, the enforced legislation 
of security standards against software vendors is detrimental. A better approach would be to 
allow an open market based system where vendors can operate in reputational and derivative 
markets. 


At the end of any analysis, security is a risk function and what is most important is not the 
creation of perfectly secure systems, but the correct allocation of scarce resources. Systems 
need to be created that allow the end user to determine their own acceptable level of risk based 
on good information. 


The goal of this research project is to create a series of quantitative models for information 
security that can be used to create a software security derivative and insurance market. 
Mathematical modeling techniques that can be used to model and predict information security 
risk will be developed using a combination of techniques including: 


• Economic theory, and Econometrics 
• Quantitative financial modeling, 
• Behavioral Economics, 
• Algorithmic game theory and 
• Statistical hazard/survival models. 


The models will account for heteroscedastic confounding variables and include appropriate 
transforms such that variance heterogeneity is assured in non-normal distributions. Process 
modeling for integrated Poisson continuous-time process for risk through hazard will be 
developed using a combination of: 


• Business financial data (company accountancy and other records), 
• Anti-Virus Industry data 
• Legal databases for tortious and regulatory costs and 
• Insurance datasets. 


This work and research follows and continues that published as: 


Wright, Craig S. and Zia, Tanveer A. (2010) The Economics of Developing Security 
Embedded Software, Proceedings of the 8th Australian Information Security Management 
Conference, Edith Cowan University, Perth Western Australia, 30th November 2010 
Charles Sturt University 
http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1101&context=ism 

and 

Wright, Craig S. (2010) Software, Vendors and Reputation: an analysis of the dilemma in 
creating secure software, Proceedings of InTrust 2010 The Second International 
Conference on Trusted Systems 13th-15th December 2010 Beijing, P. R. China 
Charles Sturt University 

and (forthcoming) 

Wright, Craig S. and Zia, Tanveer A (2011) A Quantitative Analysis into the Economics 
of Testing Software Bugs, Proceedings of 4th International Conference on Computational 
Intelligence in Security for Information Systems CISIS 2011 June 8-10th, 2011 

Wright, Craig S. and Zia, Tanveer A (2011) A Rationally Opting for the Insecure 
Alternative: Negative Externalities and the Selection of Security Controls, Proceedings of 
4th International Conference on Computational Intelligence in Security for Information 
Systems CISIS 2011 June 8-10th, 2011 


Personnel and Performer Qualifications and Experience 
Craig S Wright (Full CV too long and is available on request) 


Over the years Craig has personally conducted and managed in excess of 1,600 IT security related 
engagements for more than 180 Australian and international organizations in both the private and 
government sectors. As a strong believer in life-long learning, Craig has qualifications in Law, IT, 
Mathematics and Business. However, his driving focus is research and development in the security and 
risk arena. He is the first person to have obtained multiple GSE certifications (Malware and Compliance). 
Craig designed the architecture for the world’s first online casino (Lasseter’s Online) in the Northern 
Territory; as well he has, in the past, designed and managed the implementation of many of the systems 
that protect the Australian Stock Exchange. To add to these accomplishments he has authored IT security 
related books and articles as well as designed a new university program for Charles Sturt University in 
New South Wales, Australia which will offer a Master in Digital Forensics. This program commenced in 
2010 and is offered as an on campus and distance education program. 


Dave Kleiman (http://en. wikipedia.org/wiki/Dave_Kleiman) 


Dave Kleiman is a noted Forensic Computer Investigator, an author/coauthor of multiple books and a 
noted speaker at security related events 


Bob Radvanovsky, CIFI, CISM, REM, CIPS, Infracritical, Inc. 

Principle, SCADA expert and Author 

(chapter author) of "Corporate Hacking and Technology-driven Crime: Social Dynamics and 
Implication", ISBN 1616928050 and 9781616928056, Information Science Publishing, July 2010. 
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URL: http://www.amazon.com/Corporate-Hacking-Technology-driven-Crime- 
Implications/dp/16 16928050 


"Challenges Faced by the SCADASEC Mailing List", Protecting Canada's Critical Infrastructure 2010 
Control Systems Security Workshop, sponsored by Royal Canadian Mounted Police (Ontario 
Technological Crime), Public Safety Canada and Emergency Management Ontario (Critical Infrastructure 
Assurance Program), Wednesday April 14, 2010 and Thursday, April 15, 2010. 

URL: http://www. intfracritical.com/papers/scadasec-2010-review.zip 

Author of "Critical Infrastructure: Homeland Security and Emergency Preparedness", Second Edition, 
ISBN 1420095277 and 9781420095272, Taylor & Francis CRC Press, December 2009. 

URL: http://www.amazon.co.uk/Critical-Infrastructure-Homeland-Emergency- 
Preparedness/dp/1420095277 | 
Contributor (introduction speaker) of “The Year in Homeland Security”, 2008/2009 Edition (Charles 
Oldham, editor director), Faircount Media Group. 

URL: http://viewer.zmags.com/publication/d1408139#/d1408139/12

Author (co-author) of "Transportation Systems Security", ISBN 1420063782 and 9781420063783, Taylor 
and Francis CRC Press, May 2008. 

URL: http://www.amazon.com/Transportation-Systems-Security-Allan-McDougall/dp/1420063782


Commercialization Capabilities and Plan 


The principals are experienced researchers and businessmen in the realm of Information
Security. The research will be conducted in conjunction with Charles Sturt University and will 
follow the standard commercialization processes of the University (these processes are available 
online). Further, this project will create a large body of public and academic knowledge and 
scientific research that could also be used by other companies and Universities in the creation of 
further models and structures that will lead to the securing of more systems again. 


Costs, Work, and Schedule 
Amount Requested (in dollars): $650,000.00 


Duration: 36 months 


The funding request will provide full scholarships and positions for three (3) PhD candidates to
aid in the research and investigation of software security issues and solutions, the creation of
economic models and the publication of an expected 20-30 papers in this field.


The period is set to three years which includes the completion of the PhD projects and the 
creation of the market, insurance and derivative models. 


• PhD Funding $240,000
• Supervision $180,000
• Survey and data Analysis $230,000

BAA Number: BAA 11-02-TTA 01-0127-WP
Offeror Name: W&K INFO DEFENSE RESEARCH LLC
Title: Software Assurance through Economic Measures
Date: 07/04/2010
N/A

Operational Capability:
The project will analyze a sample of at least 1,000
coding projects using existing static analysis tools,
manual code review and related techniques. Where
these methods are lacking, proposals and methods
to integrate existing methods and to fill the gaps
left will be created.

Schedule, Cost, Deliverables, & Contact Info: 
Provide any milestone decision points that will be 
required. Describe period of performance and total 
costs. Include the base performance period cost and 
length, and estimates of cost and lengths of 
possible option. 

Deliverables:

• 20-30 published papers
• 3 PhD theses in the field
• A commercial model for software derivatives and
insurance markets

Proposed Technical Approach:
This project will address and provide measures and
The analysis will measure the following coding
errors:

• Format string errors
• Integer Overflows
• Buffer overruns
• SQL Injection
• Cross-Site scripting
• Race Conditions
• Command Injection.

Several published papers have been released
(forthcoming include)

























A means to measure and predict the following
coding errors is being developed:

• Format string errors
• Integer Overflows
• Buffer overruns
• SQL Injection
• Cross-Site scripting
• Race Conditions
• Command Injection.

Wright, Craig S. and Zia, Tanveer A.
(2011) A Quantitative Analysis into the
Economics of Testing Software Bugs,
Proceedings of 4th International
Conference on Computational
Intelligence in Security for Information
Systems CISIS 2011, June 8-10th, 2011

















Wright, Craig S. and Zia, Tanveer A.
(2011) A Rationally Opting for the
Insecure Alternative: Negative
Externalities and the Selection of
Security Controls, Proceedings of 4th
International Conference on
Computational Intelligence in Security
for Information Systems CISIS 2011,
June 8-10th, 2011

Corporate Information:
Dave Kleiman
W&K INFO DEFENSE RESEARCH LLC
4371 Norhtlake Blvd #314
Palm Beach
FL 33410 - 6253
Phone: 5613108801
Email: dave@davekleiman.com

Authorized Representative: Craig Wright

Signature: [signature]

BAA 11-02-TTA 14-0025-WP

TTA 14 - Software Assurance MarketPlace (SWAMP)
Software Derivative Markets & Information Security Risk
W&K INFO DEFENSE RESEARCH LLC
State & Zip Code:
TIN:
Proposal Contains Proprietary
36 months
07/04/2011
Small Business

Small Business - 50 or Fewer Employees - Annual Gross Revenue - 1 Million or Less







KLEIMAN_00560998 


Case 9:18-cv-80176-BB Document 829-132 Entered on FLSD Docket 12/16/2021 Page 117 of 141


S&T Directorate BAA: Cover Sheet


Proposal Does Not Contain Proprietary Information


Proposal Number: BAA 11-02-TTA 05-0155-WP
Topic: TTA 05 - Secure, Resilient Systems and Networks
Proposal Title: SCADA Isolation
Company Name: W&K INFO DEFENSE RESEARCH LLC
Mailing Address (Line 1): 4371 Norhtlake Blvd #314
Mailing Address (Line 2):
City: Palm Beach
State & Zip Code: FL 33410 - 6253
Phone: 5613108801
Fax:
TIN: 274997114
DUNS + 4: null -
CAGE Code:
SIC:
FICE:
Proposal Contains Proprietary Information: No
Amount Requested (in dollars): $1800000.00
Duration: 36 months
Requested Starting Date: 07/04/2011
Business Type: Small Business - 50 or Fewer Employees - Annual Gross Revenue - 1 Million or Less
Small Business




CONFIDENTIAL 




KLEIMAN_00560999 


S&T Directorate BAA: Cover Sheet


Proposal Does Not Contain Proprietary Information


Proposal Number: BAA 11-02-TTA 01-0127-WP
City: Palm Beach

integyrs
The following is a response to the request by the ATO, ref. 1011685995901. 


Enterprise 
1. Income is on hold at present. The ATO has been auditing and reviewing the company
following an initial question as to the allocation of GST that led to a zero amount in
payment overall.
a. Income was based on an arrangement with a large multi-national firm for the
export of software and mathematical algorithms.
The company plans to raise money and sell its IP and software.
To do this, it needs to get past the audit phase.
No income is expected to when the ATO allows us to actually carry on a business.


Basically, we are conducting research and developing capital in the hope that one 
day the auditing process will actually provide some feedback and we can go to 
market. This was in progress before the ATO started calling clients and placed this on 
hold. 

2. Australia 

24x7

International


a. We have published malware papers and processes (peer reviewed) 
b. We have published statistical libraries 
c. These can be sold as .Net framework libraries. Large companies such as Microsoft,
McAfee and CA have interest in the IP, but we need to have cleared the audit
before we can sell this.
5. All contract — see 2010 tax return. 
a. Income is on hold to when we can sell 
b. Sales will not start until the audit is complete 
c. Sales had started before the ATO started contacting clients who then placed holds 
on the sales. 
6. All work is currently completed by directors and contractors. 


This is the annexure marked with the letter A referred to in the affidavit / affirmation

1. Data warehousing
a. Contracting 
b. Rental of office space 
c. Computer systems 
d. Software 
e. Previously Existing IP 
2. See folders. 
a. Q4 2010 has not been completed and hence is not included in this.

1. Transfer of developed code into the company.


COCOMO used to cost technology.


Leasing of systems for the following 12 months.


Project Title
Start Date


Prototype System (Transfer of existing Cap) June 2008
Prototype Development dame 209
Stage 2 iauan July 2010
Total Project Value (excluding GST)


94.65] Source Lines of Code
1 Team Skills
1.260 Project Complexity


35.00 Pricing Per Hour


576.1 Person-Months
11,522 Person-Days
9? E80 Person-Hours


3,226,297 Total Price


Finish
Date


d 43 ly at 2


7
Mar 2050


Existing capital is to consist of mathematical code libraries for Microsoft
# as embedded code using ASM, C++ and C# valued using the


(Discounted to three payments of $636,000)


34.09 Price Per Line


S Lines Per Day/Person


% Forecast ?


Budgeted
costs
$636,000
$295,562
$ 68,529


$995 G00


Note: The Total Project Value includes the PMO fee charged by Provider as set
out in Schedule 4. Existing capital will be assigned in 3 equal parts at $636,000
each with the value to be paid in full

a See contract — copy on disk


Direct costs plus IP


CoCOMO II based methodology plus direct costs.


Use in the Enterprise 
The systems and equipment are used directly in the research and the development of solutions that 
will be offered for international sale. 


This Research is directly linked to a PhD candidacy at Charles Sturt University and is related to a 
CRICS research study. 


The PhD proposal and associated research papers are available on request.

Other Acquisitions
Non-capital acquisitions for the period 01/01/2010 to 31/21/2010 as per purchase schedule. This
includes Carbon credits (to offset computers using electricity) and sundry expenses.

Invoices — see disk


Payments — see disk


Loans — see disk


The following loan contracts have been attached (as prepared by Michie Shehadie and Co and 
registered). 


Loan from Lynn Wright 
Loan from Craig Wright 
Other Loans (Visa and sundry expenses) 


Cu FeTiT ASSeEcs and Behe e240 3 Cher 


See MYOB File on disk. 
This includes depreciating assets. 


These assets are used in the research projects and are key to the development of product.

Intellectual Property
Acquisition - how
• R&D intellectual property sold by Craig Wright to Integyrs Pty Ltd


• You have valued the market value of your intellectual property as
$2,246,000 (data from your BAS (Craig Wright) for the tax periods July —
Dec 2009) which you sold to two of your companies where you are the
Director.


• You have to provide documents to substantiate that you have incurred
these costs during the course of your research and development of your
intellectual property.


• Please provide substantiation of the above costs by providing the tax
invoices with full details of the supplier, date, description and the amounts
stated for the purchases.


Sale of Capital Assets to Integyrs Pty Ltd 95 137 033 535
Transfer of code, designs and assets from CSW to Integyrs as of June 30, 2009.
Contracts created by Mitchie Shehadie and Co.


I have attached these documents on the disk and with each sale contract. This includes a schedule as
what IP was transferred.


I have attached a spreadsheet with the breakdowns of loans by Lynn Wright for total for a 7%
interest rate. The total comes to $815,803.61 as of 01 Jul 2009.


The amounts are covered as follows in the spreadsheet under the following headers: 
Conferences and Travel 
Lynn paid monies for my attendance at conferences 
These were for my business and education (e.g. SANS)
Monthly Contributions 
Lynn helped me pay the loans used for the legal costs. 


As per the attached information in the attached email, as per ‘Farrugia v The
Official Receiver (1982) 43 ALR 700’ The Doctrine of Exoneration is used in the allocation of these
when applied to real property. The loans were for the direct purpose of Integyrs and Research at
Lynn’s detriment. These amounts are monies she paid towards the loan each month and are hence
loaned to the company.


Debt - Purchased contract


DeMorgan Pty Ltd had a contract for $105,000 pa in payments to Lynn on sale.
I purchased this in order to buy the business of DeMorgan and start DeMorgan
Information Security Systems P/L and this contract and the IP associated with it was transferred into
Integyrs.


CoCOMO II for software 
Cost basis and transfer for prior assets. 


Assets and shares moved from prior companies set as per court order issued by NSW Supreme court. 


Sale of Capital Assets to Integyr 


Transfer of code, designs and assets from CSW to Integyrs as of June 30, 2009.


$1,100,000


Transfer of code, designs and assets from CSW to Integyrs as of June 30, 2009.


$1,100,000


Associated IP as maintained following ~ Liquidation of DeMorgan Information Security Systems Pty
Ltd and kept due to unpaid debt.


Shares and debt $ 2,178,000
As determined by NSW Supreme Court. 

Losses ~ Depreciation of capital Assets (Write-off) 
Old Computer Equipment $22287 


Total Gains $2,235,000 


Total Losses $34,713

Bank Statements
See folder — 1 statement.

AusIndustry


Yes, Integyrs is registered with AusIndustry.


R2010976

Valentina Ortakovska/SCO/NSW_AG
03/09/2013 03:04 PM
To craig@integys.com
cc
bcc
Subject RE: proceeding number 2013/ 225983


Dear Craig
Please be advised that the Consent Order filed on 28/8/2013 was not dealt by Registrar in chamber.
The listing date of 30/10/2013 still remains and all parties need to be present in court on that day.


Regards

Valentina Ortakovska
Senior Client Service Office
Supreme Court of NSW

Form 3B (version 4)
UCPR 6.2 29 SUL


STATEMENT OF CLAIM 





Court NSW Supreme Court
Division General division? Co nmon Cenod .
List on - A
Registry Sydney

Plaintiff Craig Steven Wright (ABN 97 481 146 384)

Defendant W&K INFO DEFENSE RESEARCH LLC

Filed for Craig S Wright
Plaintiff
Contact name and telephone Craig S Wright 


0417 683 914 


Contact email Craig S Wright chai hbabledenseiaetitie 





Mercantile Law - Sale of Goods and Services — contracted Dap 


Mercantile Law — Other — Money Lent 


1 That the defendant pay the plaintiff the total amount claimed below.


Amount of claim $ 28,253,633.00
Interest $ 0
Filing fees $ 999.00
Service fees $ 34.00
Solicitors fees $ 0.00

TOTAL $ 28,254,666.00






1 Between 2011 and 2013 the plaintiff provided contract labour services to the
defendant. The plaintiff loaned money to the defendant at a set
interest rate with a commercial expectation that the said monies would be repaid in
full when a project was completed.

2 The defendant is a company that operates from Palm Beach, FL, USA and does
research in homeland security research.

3 By contract dated 27 October 2008, the Defendant agreed to pay the Plaintiff for
property and consulting services to complete research. The contract was bonded
against the intellectual property of the defendant.

4 The material terms of the purchase contract were:
a. The Plaintiff was the contractor and financier
b. The Defendant was the Vendor
c. Completion was to take place on 30 June 2013.
d. Time was of the essence of the contract.
e. That in the event that the Purchaser breached the contract, the Seller could
either affirm or terminate the contract with a full return of value.

5 The plaintiff conducted four (4) projects associated with the DHS (Dept. of
Homeland Security USA) with the defendant under contract:
a. BAA 11-02-TTA 01-0127-WP: TTA 01 - Software Assurance: Software
Assurance through Economic Measures
b. BAA 11-02-TTA 05-0155-WP: TTA 05 - Secure, Resilient Systems and
Networks
c. BAA 11-02-TTA 09-0049-WP: TTA 09 - Cyber Economics
d. BAA 11-02-TTA 14-0025-WP: TTA 14 - Software Assurance MarketPlace
(SWAMP)

6 In May 2013 the primary director of the defendant died leaving the project not
transferred to the plaintiff and not returning funds. These funds were rated as:
a. TTA 01 US$ 650,000
b. TTA 05 US$ 1,8000,000
c. TTA 09 US$ 2,200,000
d. TTA 14 US$ 1,200,000

7 The contract was executed with an agreement that all created Intellectual property
reverts to the ownership of the plaintiff with interest if the project concludes without
assignment of shares in the defendant.

8 The contract set the interest rate at 8% calculated annually.

9 The exchange rate was contracted with a formula to be $1.12 at the point of breach.

10 The funding was supplied using Bitcoin and Gold bonds.

11 A bond of Au $20,000,000.00 was provided to cover funding aspects of the
research.

12 The contract stated that a breach would lead to liquidated damages to the amounts
stated as the project limits. If the liquidated amount is not paid all IP returns to the
sole ownership of the plaintiff.

13 The IP is software and code used by the US Military, DHS and other associated
parties.

14 The defendant is unable to complete its responsibilities due to the death of its
director, Mr Kleiman.

15 The debt of US$ 5,850,000 comes to $6,552,000 in Australian $. The Interest on this
amount is calculated at $AU 1,701,633.00.

16 The plaintiff claims:

Debt of $ 28,253,633.00

Interest pursuant to section 100 Civil Procedure Act 2005 from 01 July 2013 to
judgement.


I acknowledge that court fees may be payable during these proceedings. These fees may
include a hearing allocation fee.


Signature

Capacity Plaintiff

Date of signature

• You will be in default in these proceedings.
• The court may enter judgment against you without any further notice to you.
The judgment may be for the relief claimed in the statement of claim and for the plaintiff's
costs of bringing these proceedings. The court may provide third parties with details of any
default judgment entered against you.


Please read this statement of claim very carefully. If you have any trouble
understanding it or require assistance on how to respond to the claim you should get
legal advice as soon as possible.
You can get further information about what you need to do to respond to the claim from:
• A legal practitioner.
• LawAccess NSW on 1300 888 529 or at www.lawaccess.nsw.gov.au.
• The court registry for limited procedural information.
You can respond in one of the following ways:
1 If you intend to dispute the claim or part of the claim, by filing a defence and/or
making a cross-claim.
2 If money is claimed, and you believe you owe the money claimed, by:
• Paying the plaintiff all of the money and interest claimed. If you file a notice
of payment under UCPR 6.17 further proceedings against you will be
stayed unless the court otherwise orders.
• Filing an acknowledgement of the claim.
• Applying to the court for further time to pay the claim.
3 If money is claimed, and you believe you owe part of the money claimed, by:
• Paying the plaintiff that part of the money that is claimed.
• Filing a defence in relation to the part that you do not believe is owed.
Court forms are available on the UCPR website at www.lawlink.nsw.gov.au/ucpr or at any
NSW court registry.










Street address 184 Phillip St, Sydney NSW 2000 


Postal address Supreme Court of NSW, GPO Box 3, Sydney NSW 2001 
Australia 2000 


Telephone (02) 9377 5840 


or

Name Craig Steven Wright


Address 43 St Johns Ave Gordon NSW 2072
Occupation Lecturer/Director

Date 23 July 2012

I say on oath:

1 I am the plaintiff.

2 I believe that the allegations of fact in the statement of claim are true.
SWORN at


Signature of deponent


Name of witness


Address of witness ARLIE WIGGINS


Reg. No. 194194

A Justice of the Peace in and for the State of New South Wales

Ku-ring-gai Council
818 Pacific Highway, Gordon
Locked Bag 1056, Pymble, NSW 2073
ABN: 84 408 856 411

Capacity of witness Justice of the peace

And as a witness, I certify the following matters concerning the person who made this affidavit (the deponent):

1 #I saw the face of the deponent. [OR, delete whichever option is inapplicable]

2 #-have-known-the-depenent for atleast 42 months (OR, delete whichever ontion- is inapplicablel


#I have confirmed the deponent’s identity using the following identification document:


NSu9/C- IZS5j6UIO -


Identification document relied on (may be original or certified copy) †


Signature of witness


Note: The deponent and witness must sign each page of the affidavit. See UCPR 35.7B.


[* The only "special justification" for not removing a face covering is a legitimate medical reason (at April 2012).]


[† "Identification documents" include current driver licence, proof of age card, Medicare card, credit card,
Centrelink pension card, Veterans Affairs entitlement card, student identity card, citizenship certificate, birth
certificate, passport or see Oaths Regulation 2011.]
PARTIES TO THE PROCEEDINGS
Plaintiff Defendant


Craig Steven Wright W&K INFO DEFENSE RESEARCH LLC
4371 Norhtlake Blvd #314
Palm Beach
FL 33410 - 6253 [Defendant]


Plaintiff
Name Craig Steven Wright
Address 43 St Johns Ave
Gordon NSW 2072


Contact details for plaintiff acting in person or by authorised officer

Address for service as above

Telephone 0417 683 914

Email craigswright@acm.org


Defendant

Name W&K INFO DEFENSE RESEARCH LLC
Address 4371 Norhtlake Blvd #314
Palm Beach
FL 33410 - 6253

19 AUG 2015
Form 35 (version 2)
UCPR 20.34


ACKNOWLEDGEMENT OF LIQUIDATED CLAIM


Court NSW Supreme Court
Division General Division Common Law
List General
Registry Sydney
Case number 2013 / 225983


Plaintiff Craig Steven Wright (ABN 97 481 146 384)

Defendant W&K INFO DEFENSE RESEARCH LLC


Filed for Defendant
Contact name and telephone Dr C Wright, 02 8003 7553


1 I am the legal agent and representative for the defendant.

2 I acknowledge the whole of the amount being claimed by the plaintiff.


Signature [signature]
Capacity Defendant
Date of signature 19th August 2013

[Include your contact details if you have not previously given this information to the court. Do not include the
contact details for any other parties.]


Filing party


Name W&K INFO DEFENSE RESEARCH LLC
Address Bagnoo NSW 2446
Contact details for filing party acting in person or by authorised officer

Name of authorised officer

Capacity to act for filing party Director / Australian Agent

Address for service as above

[The filing party must give an address for service. This must be an address in
NSW unless the exceptions listed in UCPR 4.5(8) apply. State "as above" if
the filing party's address for service is the same as the filing party's address
stated above.]

Telephone 02 8003 7553

Email craig@integys.com

Delivery Failure Report
Your document: RE: proceeding number 2013/ 225983
was not delivered to: craig@integys.com
because: 550 #5.1.0 Address rejected.
What should you do?


• You can resend the undeliverable document to the recipients listed above by choosing the Resend button or
the Resend command on the Actions menu.
• Once you have resent the document you may delete this Delivery Failure Report.
• If resending the document is not successful you will receive a new failure report.
• Unless you receive other Delivery Failure Reports, the document was successfully delivered to all other
recipients.


GOODMDG1/Server/NSW_AG, SUPRMDM1/Server/NSW_AG
To: craig@integys.com
CC:
Date: 03:24:50 PM Today


Subject: RE: proceeding number 2013/ 225983
Dear Craig,


Please be advised that the Consent Order filed on 28/8/2013 was not dealt by Registrar in chamber.
The listing date of 30/10/2013 still remains and all parties need to be present in court on that day.


Regards
Valentina Ortakovska
Senior Client Service Office
Supreme Court of NSW

Department of Attorney General and Justice - Promoting a Just and Safe Society. 


Visit us at www.lawlink.nsw.gov.au. 


Please consider our environment before printing this email. This email and any attachments 
may be confidential and contain privileged information. If you are not the intended recipient 
you must not use, disclose, copy or distribute this communication. If you have received this 
message in error please delete and notify the sender. When communicating by email you 
consent to the monitoring and recording of that correspondence.

Delivery Failure Report
Your document: RE: proceeding number 2013/ 225983
was not delivered to: craig@integys.com
because: 550 #5.1.0 Address rejected.
What should you do?


• You can resend the undeliverable document to the recipients listed above by choosing the Resend button or
the Resend command on the Actions menu.
• Once you have resent the document you may delete this Delivery Failure Report.
• If resending the document is not successful you will receive a new failure report.
• Unless you receive other Delivery Failure Reports, the document was successfully delivered to all other
recipients.


To: craig@integys.com
CC:
Date: 03:04:09 PM Today


Subject: RE: proceeding number 2013/ 225983


Dear Craig
Please be advised that the Consent Order filed on 28/8/2013 was not dealt by Registrar in chamber.
The listing date of 30/10/2013 still remains and all parties need to be present in court on that day.


Regards
Valentina Ortakovska
Senior Client Service Office
Supreme Court of NSW